1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="run_v1alpha1.html">Cloud Run Admin API</a> . <a href="run_v1alpha1.projects.html">projects</a> . <a href="run_v1alpha1.projects.locations.html">locations</a> . <a href="run_v1alpha1.projects.locations.services.html">services</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#close">close()</a></code></p> 79<p class="firstline">Close httplib2 connections.</p> 80<p class="toc_element"> 81 <code><a href="#create">create(parent, body=None, x__xgafv=None)</a></code></p> 82<p class="firstline">Rpc to create a service.</p> 83<p class="toc_element"> 84 <code><a href="#delete">delete(name, apiVersion=None, kind=None, orphanDependents=None, propagationPolicy=None, x__xgafv=None)</a></code></p> 85<p class="firstline">Rpc to delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions.</p> 86<p class="toc_element"> 87 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 88<p class="firstline">Rpc to get information about a service.</p> 89<p class="toc_element"> 90 <code><a href="#getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</a></code></p> 91<p class="firstline">Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies.</p> 92<p class="toc_element"> 93 <code><a href="#list">list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)</a></code></p> 94<p class="firstline">Rpc to list services.</p> 95<p class="toc_element"> 96 <code><a href="#replaceService">replaceService(name, body=None, x__xgafv=None)</a></code></p> 97<p class="firstline">Rpc to replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control.</p> 98<p class="toc_element"> 99 <code><a href="#setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</a></code></p> 100<p class="firstline">Sets the IAM Access control policy for the specified Service. Overwrites any existing policy.</p> 101<p class="toc_element"> 102 <code><a href="#testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</a></code></p> 103<p class="firstline">Returns permissions that a caller has on the specified Project. There are no permissions required for making this API call.</p> 104<h3>Method Details</h3> 105<div class="method"> 106 <code class="details" id="close">close()</code> 107 <pre>Close httplib2 connections.</pre> 108</div> 109 110<div class="method"> 111 <code class="details" id="create">create(parent, body=None, x__xgafv=None)</code> 112 <pre>Rpc to create a service. 113 114Args: 115 parent: string, The project ID or project number in which this service should be created. (required) 116 body: object, The request body. 117 The object takes the form of: 118 119{ # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 120 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 121 "kind": "A String", # The kind of resource, in this case "Service". 122 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 123 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 124 "a_key": "A String", 125 }, 126 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 127 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 128 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 129 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 130 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 131 "A String", 132 ], 133 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 134 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 135 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 136 "a_key": "A String", 137 }, 138 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 139 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 140 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 141 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 142 "apiVersion": "A String", # API version of the referent. 143 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 144 "controller": True or False, # If true, this reference points to the managing controller. +optional 145 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 146 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 147 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 148 }, 149 ], 150 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 151 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 152 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 153 }, 154 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 155 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 156 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 157 }, 158 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 159 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 160 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 161 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 162 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 163 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 164 "a_key": "A String", 165 }, 166 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 167 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 168 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 169 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 170 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 171 "A String", 172 ], 173 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 174 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 175 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 176 "a_key": "A String", 177 }, 178 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 179 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 180 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 181 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 182 "apiVersion": "A String", # API version of the referent. 183 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 184 "controller": True or False, # If true, this reference points to the managing controller. +optional 185 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 186 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 187 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 188 }, 189 ], 190 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 191 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 192 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 193 }, 194 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 195 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 196 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 197 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 198 "A String", 199 ], 200 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 201 "A String", 202 ], 203 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 204 { # EnvVar represents an environment variable present in a Container. 205 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 206 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 207 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 208 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 209 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 210 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 211 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 212 }, 213 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 214 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 215 }, 216 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 217 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 218 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 219 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 220 }, 221 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 222 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 223 }, 224 }, 225 }, 226 ], 227 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 228 { # EnvFromSource represents the source of a set of ConfigMaps 229 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 230 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 231 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 232 }, 233 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 234 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 235 }, 236 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 237 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 238 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 239 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 240 }, 241 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 242 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 243 }, 244 }, 245 ], 246 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 247 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 248 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 249 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 250 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 251 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 252 "A String", 253 ], 254 }, 255 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 256 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 257 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 258 { # HTTPHeader describes a custom header to be used in HTTP probes 259 "name": "A String", # The header field name 260 "value": "A String", # The header field value 261 }, 262 ], 263 "path": "A String", # Path to access on the HTTP server. +optional 264 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 265 "intVal": 42, # The int value. 266 "strVal": "A String", # The string value. 267 "type": 42, # The type of the value. 268 }, 269 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 270 }, 271 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 272 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 273 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 274 "intVal": 42, # The int value. 275 "strVal": "A String", # The string value. 276 "type": 42, # The type of the value. 277 }, 278 }, 279 }, 280 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 281 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 282 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 283 "A String", 284 ], 285 }, 286 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 287 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 288 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 289 { # HTTPHeader describes a custom header to be used in HTTP probes 290 "name": "A String", # The header field name 291 "value": "A String", # The header field value 292 }, 293 ], 294 "path": "A String", # Path to access on the HTTP server. +optional 295 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 296 "intVal": 42, # The int value. 297 "strVal": "A String", # The string value. 298 "type": 42, # The type of the value. 299 }, 300 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 301 }, 302 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 303 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 304 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 305 "intVal": 42, # The int value. 306 "strVal": "A String", # The string value. 307 "type": 42, # The type of the value. 308 }, 309 }, 310 }, 311 }, 312 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 313 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 314 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 315 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 316 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 317 "A String", 318 ], 319 }, 320 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 321 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 322 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 323 { # HTTPHeader describes a custom header to be used in HTTP probes 324 "name": "A String", # The header field name 325 "value": "A String", # The header field value 326 }, 327 ], 328 "path": "A String", # Path to access on the HTTP server. +optional 329 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 330 "intVal": 42, # The int value. 331 "strVal": "A String", # The string value. 332 "type": 42, # The type of the value. 333 }, 334 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 335 }, 336 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 337 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 338 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 339 "intVal": 42, # The int value. 340 "strVal": "A String", # The string value. 341 "type": 42, # The type of the value. 342 }, 343 }, 344 }, 345 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 346 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 347 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 348 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 349 }, 350 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 351 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 352 { # ContainerPort represents a network port in a single container. 353 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 354 "hostIP": "A String", # What host IP to bind the external port to. +optional 355 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 356 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 357 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 358 }, 359 ], 360 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 361 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 362 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 363 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 364 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 365 "A String", 366 ], 367 }, 368 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 369 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 370 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 371 { # HTTPHeader describes a custom header to be used in HTTP probes 372 "name": "A String", # The header field name 373 "value": "A String", # The header field value 374 }, 375 ], 376 "path": "A String", # Path to access on the HTTP server. +optional 377 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 378 "intVal": 42, # The int value. 379 "strVal": "A String", # The string value. 380 "type": 42, # The type of the value. 381 }, 382 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 383 }, 384 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 385 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 386 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 387 "intVal": 42, # The int value. 388 "strVal": "A String", # The string value. 389 "type": 42, # The type of the value. 390 }, 391 }, 392 }, 393 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 394 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 395 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 396 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 397 }, 398 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 399 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 400 "a_key": "A String", 401 }, 402 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 403 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 404 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 405 }, 406 }, 407 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 408 "a_key": "A String", 409 }, 410 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 411 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 412 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 413 }, 414 }, 415 }, 416 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 417 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 418 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 419 "add": [ # Added capabilities +optional 420 "A String", 421 ], 422 "drop": [ # Removed capabilities +optional 423 "A String", 424 ], 425 }, 426 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 427 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 428 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 429 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 430 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 431 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 432 "level": "A String", # Level is SELinux level label that applies to the container. +optional 433 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 434 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 435 "user": "A String", # User is a SELinux user label that applies to the container. +optional 436 }, 437 }, 438 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 439 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 440 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 441 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 442 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 443 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 444 { # volumeDevice describes a mapping of a raw block device within a container. 445 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 446 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 447 }, 448 ], 449 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 450 { # VolumeMount describes a mounting of a Volume within a container. 451 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 452 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 453 "name": "A String", # This must match the Name of a Volume. 454 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 455 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 456 }, 457 ], 458 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 459 }, 460 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 461 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 462 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 463 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 464 "A String", 465 ], 466 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 467 "A String", 468 ], 469 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 470 { # EnvVar represents an environment variable present in a Container. 471 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 472 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 473 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 474 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 475 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 476 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 477 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 478 }, 479 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 480 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 481 }, 482 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 483 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 484 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 485 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 486 }, 487 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 488 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 489 }, 490 }, 491 }, 492 ], 493 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 494 { # EnvFromSource represents the source of a set of ConfigMaps 495 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 496 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 497 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 498 }, 499 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 500 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 501 }, 502 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 503 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 504 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 505 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 506 }, 507 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 508 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 509 }, 510 }, 511 ], 512 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 513 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 514 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 515 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 516 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 517 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 518 "A String", 519 ], 520 }, 521 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 522 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 523 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 524 { # HTTPHeader describes a custom header to be used in HTTP probes 525 "name": "A String", # The header field name 526 "value": "A String", # The header field value 527 }, 528 ], 529 "path": "A String", # Path to access on the HTTP server. +optional 530 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 531 "intVal": 42, # The int value. 532 "strVal": "A String", # The string value. 533 "type": 42, # The type of the value. 534 }, 535 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 536 }, 537 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 538 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 539 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 540 "intVal": 42, # The int value. 541 "strVal": "A String", # The string value. 542 "type": 42, # The type of the value. 543 }, 544 }, 545 }, 546 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 547 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 548 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 549 "A String", 550 ], 551 }, 552 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 553 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 554 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 555 { # HTTPHeader describes a custom header to be used in HTTP probes 556 "name": "A String", # The header field name 557 "value": "A String", # The header field value 558 }, 559 ], 560 "path": "A String", # Path to access on the HTTP server. +optional 561 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 562 "intVal": 42, # The int value. 563 "strVal": "A String", # The string value. 564 "type": 42, # The type of the value. 565 }, 566 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 567 }, 568 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 569 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 570 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 571 "intVal": 42, # The int value. 572 "strVal": "A String", # The string value. 573 "type": 42, # The type of the value. 574 }, 575 }, 576 }, 577 }, 578 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 579 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 580 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 581 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 582 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 583 "A String", 584 ], 585 }, 586 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 587 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 588 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 589 { # HTTPHeader describes a custom header to be used in HTTP probes 590 "name": "A String", # The header field name 591 "value": "A String", # The header field value 592 }, 593 ], 594 "path": "A String", # Path to access on the HTTP server. +optional 595 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 596 "intVal": 42, # The int value. 597 "strVal": "A String", # The string value. 598 "type": 42, # The type of the value. 599 }, 600 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 601 }, 602 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 603 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 604 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 605 "intVal": 42, # The int value. 606 "strVal": "A String", # The string value. 607 "type": 42, # The type of the value. 608 }, 609 }, 610 }, 611 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 612 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 613 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 614 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 615 }, 616 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 617 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 618 { # ContainerPort represents a network port in a single container. 619 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 620 "hostIP": "A String", # What host IP to bind the external port to. +optional 621 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 622 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 623 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 624 }, 625 ], 626 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 627 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 628 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 629 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 630 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 631 "A String", 632 ], 633 }, 634 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 635 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 636 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 637 { # HTTPHeader describes a custom header to be used in HTTP probes 638 "name": "A String", # The header field name 639 "value": "A String", # The header field value 640 }, 641 ], 642 "path": "A String", # Path to access on the HTTP server. +optional 643 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 644 "intVal": 42, # The int value. 645 "strVal": "A String", # The string value. 646 "type": 42, # The type of the value. 647 }, 648 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 649 }, 650 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 651 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 652 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 653 "intVal": 42, # The int value. 654 "strVal": "A String", # The string value. 655 "type": 42, # The type of the value. 656 }, 657 }, 658 }, 659 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 660 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 661 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 662 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 663 }, 664 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 665 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 666 "a_key": "A String", 667 }, 668 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 669 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 670 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 671 }, 672 }, 673 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 674 "a_key": "A String", 675 }, 676 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 677 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 678 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 679 }, 680 }, 681 }, 682 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 683 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 684 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 685 "add": [ # Added capabilities +optional 686 "A String", 687 ], 688 "drop": [ # Removed capabilities +optional 689 "A String", 690 ], 691 }, 692 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 693 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 694 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 695 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 696 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 697 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 698 "level": "A String", # Level is SELinux level label that applies to the container. +optional 699 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 700 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 701 "user": "A String", # User is a SELinux user label that applies to the container. +optional 702 }, 703 }, 704 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 705 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 706 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 707 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 708 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 709 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 710 { # volumeDevice describes a mapping of a raw block device within a container. 711 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 712 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 713 }, 714 ], 715 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 716 { # VolumeMount describes a mounting of a Volume within a container. 717 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 718 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 719 "name": "A String", # This must match the Name of a Volume. 720 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 721 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 722 }, 723 ], 724 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 725 }, 726 ], 727 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 728 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 729 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 730 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 731 "volumes": [ 732 { # Volume represents a named volume in a container. 733 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 734 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 735 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 736 { # Maps a string key to a path within a volume. 737 "key": "A String", # The key to project. 738 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 739 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 740 }, 741 ], 742 "name": "A String", # Name of the config. 743 "optional": True or False, # Specify whether the Secret or its keys must be defined. 744 }, 745 "name": "A String", # Volume's name. 746 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 747 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 748 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 749 { # Maps a string key to a path within a volume. 750 "key": "A String", # The key to project. 751 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 752 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 753 }, 754 ], 755 "optional": True or False, # Specify whether the Secret or its keys must be defined. 756 "secretName": "A String", # Name of the secret in the container's namespace to use. 757 }, 758 }, 759 ], 760 }, 761 }, 762 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 763 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 764 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 765 "a_key": "A String", 766 }, 767 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 768 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 769 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 770 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 771 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 772 "A String", 773 ], 774 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 775 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 776 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 777 "a_key": "A String", 778 }, 779 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 780 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 781 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 782 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 783 "apiVersion": "A String", # API version of the referent. 784 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 785 "controller": True or False, # If true, this reference points to the managing controller. +optional 786 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 787 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 788 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 789 }, 790 ], 791 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 792 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 793 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 794 }, 795 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 796 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 797 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 798 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 799 "A String", 800 ], 801 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 802 "A String", 803 ], 804 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 805 { # EnvVar represents an environment variable present in a Container. 806 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 807 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 808 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 809 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 810 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 811 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 812 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 813 }, 814 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 815 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 816 }, 817 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 818 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 819 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 820 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 821 }, 822 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 823 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 824 }, 825 }, 826 }, 827 ], 828 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 829 { # EnvFromSource represents the source of a set of ConfigMaps 830 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 831 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 832 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 833 }, 834 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 835 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 836 }, 837 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 838 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 839 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 840 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 841 }, 842 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 843 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 844 }, 845 }, 846 ], 847 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 848 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 849 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 850 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 851 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 852 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 853 "A String", 854 ], 855 }, 856 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 857 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 858 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 859 { # HTTPHeader describes a custom header to be used in HTTP probes 860 "name": "A String", # The header field name 861 "value": "A String", # The header field value 862 }, 863 ], 864 "path": "A String", # Path to access on the HTTP server. +optional 865 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 866 "intVal": 42, # The int value. 867 "strVal": "A String", # The string value. 868 "type": 42, # The type of the value. 869 }, 870 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 871 }, 872 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 873 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 874 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 875 "intVal": 42, # The int value. 876 "strVal": "A String", # The string value. 877 "type": 42, # The type of the value. 878 }, 879 }, 880 }, 881 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 882 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 883 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 884 "A String", 885 ], 886 }, 887 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 888 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 889 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 890 { # HTTPHeader describes a custom header to be used in HTTP probes 891 "name": "A String", # The header field name 892 "value": "A String", # The header field value 893 }, 894 ], 895 "path": "A String", # Path to access on the HTTP server. +optional 896 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 897 "intVal": 42, # The int value. 898 "strVal": "A String", # The string value. 899 "type": 42, # The type of the value. 900 }, 901 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 902 }, 903 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 904 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 905 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 906 "intVal": 42, # The int value. 907 "strVal": "A String", # The string value. 908 "type": 42, # The type of the value. 909 }, 910 }, 911 }, 912 }, 913 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 914 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 915 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 916 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 917 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 918 "A String", 919 ], 920 }, 921 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 922 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 923 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 924 { # HTTPHeader describes a custom header to be used in HTTP probes 925 "name": "A String", # The header field name 926 "value": "A String", # The header field value 927 }, 928 ], 929 "path": "A String", # Path to access on the HTTP server. +optional 930 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 931 "intVal": 42, # The int value. 932 "strVal": "A String", # The string value. 933 "type": 42, # The type of the value. 934 }, 935 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 936 }, 937 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 938 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 939 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 940 "intVal": 42, # The int value. 941 "strVal": "A String", # The string value. 942 "type": 42, # The type of the value. 943 }, 944 }, 945 }, 946 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 947 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 948 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 949 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 950 }, 951 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 952 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 953 { # ContainerPort represents a network port in a single container. 954 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 955 "hostIP": "A String", # What host IP to bind the external port to. +optional 956 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 957 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 958 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 959 }, 960 ], 961 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 962 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 963 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 964 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 965 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 966 "A String", 967 ], 968 }, 969 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 970 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 971 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 972 { # HTTPHeader describes a custom header to be used in HTTP probes 973 "name": "A String", # The header field name 974 "value": "A String", # The header field value 975 }, 976 ], 977 "path": "A String", # Path to access on the HTTP server. +optional 978 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 979 "intVal": 42, # The int value. 980 "strVal": "A String", # The string value. 981 "type": 42, # The type of the value. 982 }, 983 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 984 }, 985 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 986 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 987 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 988 "intVal": 42, # The int value. 989 "strVal": "A String", # The string value. 990 "type": 42, # The type of the value. 991 }, 992 }, 993 }, 994 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 995 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 996 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 997 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 998 }, 999 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1000 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1001 "a_key": "A String", 1002 }, 1003 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1004 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1005 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1006 }, 1007 }, 1008 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1009 "a_key": "A String", 1010 }, 1011 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1012 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1013 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1014 }, 1015 }, 1016 }, 1017 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1018 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1019 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1020 "add": [ # Added capabilities +optional 1021 "A String", 1022 ], 1023 "drop": [ # Removed capabilities +optional 1024 "A String", 1025 ], 1026 }, 1027 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1028 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1029 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1030 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1031 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1032 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1033 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1034 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1035 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1036 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1037 }, 1038 }, 1039 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1040 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1041 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1042 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1043 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1044 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1045 { # volumeDevice describes a mapping of a raw block device within a container. 1046 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1047 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1048 }, 1049 ], 1050 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1051 { # VolumeMount describes a mounting of a Volume within a container. 1052 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1053 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1054 "name": "A String", # This must match the Name of a Volume. 1055 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1056 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1057 }, 1058 ], 1059 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1060 }, 1061 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1062 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 1063 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1064 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1065 "A String", 1066 ], 1067 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1068 "A String", 1069 ], 1070 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 1071 { # EnvVar represents an environment variable present in a Container. 1072 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1073 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 1074 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 1075 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 1076 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 1077 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1078 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1079 }, 1080 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 1081 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 1082 }, 1083 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 1084 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 1085 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1086 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1087 }, 1088 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 1089 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 1090 }, 1091 }, 1092 }, 1093 ], 1094 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 1095 { # EnvFromSource represents the source of a set of ConfigMaps 1096 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 1097 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1098 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1099 }, 1100 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 1101 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 1102 }, 1103 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 1104 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 1105 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1106 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1107 }, 1108 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 1109 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 1110 }, 1111 }, 1112 ], 1113 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1114 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 1115 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 1116 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1117 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1118 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1119 "A String", 1120 ], 1121 }, 1122 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1123 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1124 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1125 { # HTTPHeader describes a custom header to be used in HTTP probes 1126 "name": "A String", # The header field name 1127 "value": "A String", # The header field value 1128 }, 1129 ], 1130 "path": "A String", # Path to access on the HTTP server. +optional 1131 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1132 "intVal": 42, # The int value. 1133 "strVal": "A String", # The string value. 1134 "type": 42, # The type of the value. 1135 }, 1136 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1137 }, 1138 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1139 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1140 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1141 "intVal": 42, # The int value. 1142 "strVal": "A String", # The string value. 1143 "type": 42, # The type of the value. 1144 }, 1145 }, 1146 }, 1147 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1148 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1149 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1150 "A String", 1151 ], 1152 }, 1153 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1154 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1155 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1156 { # HTTPHeader describes a custom header to be used in HTTP probes 1157 "name": "A String", # The header field name 1158 "value": "A String", # The header field value 1159 }, 1160 ], 1161 "path": "A String", # Path to access on the HTTP server. +optional 1162 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1163 "intVal": 42, # The int value. 1164 "strVal": "A String", # The string value. 1165 "type": 42, # The type of the value. 1166 }, 1167 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1168 }, 1169 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1170 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1171 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1172 "intVal": 42, # The int value. 1173 "strVal": "A String", # The string value. 1174 "type": 42, # The type of the value. 1175 }, 1176 }, 1177 }, 1178 }, 1179 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1180 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1181 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1182 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1183 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1184 "A String", 1185 ], 1186 }, 1187 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1188 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1189 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1190 { # HTTPHeader describes a custom header to be used in HTTP probes 1191 "name": "A String", # The header field name 1192 "value": "A String", # The header field value 1193 }, 1194 ], 1195 "path": "A String", # Path to access on the HTTP server. +optional 1196 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1197 "intVal": 42, # The int value. 1198 "strVal": "A String", # The string value. 1199 "type": 42, # The type of the value. 1200 }, 1201 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1202 }, 1203 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1204 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1205 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1206 "intVal": 42, # The int value. 1207 "strVal": "A String", # The string value. 1208 "type": 42, # The type of the value. 1209 }, 1210 }, 1211 }, 1212 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1213 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1214 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1215 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1216 }, 1217 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 1218 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 1219 { # ContainerPort represents a network port in a single container. 1220 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1221 "hostIP": "A String", # What host IP to bind the external port to. +optional 1222 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 1223 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 1224 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 1225 }, 1226 ], 1227 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1228 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1229 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1230 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1231 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1232 "A String", 1233 ], 1234 }, 1235 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1236 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1237 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1238 { # HTTPHeader describes a custom header to be used in HTTP probes 1239 "name": "A String", # The header field name 1240 "value": "A String", # The header field value 1241 }, 1242 ], 1243 "path": "A String", # Path to access on the HTTP server. +optional 1244 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1245 "intVal": 42, # The int value. 1246 "strVal": "A String", # The string value. 1247 "type": 42, # The type of the value. 1248 }, 1249 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1250 }, 1251 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1252 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1253 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1254 "intVal": 42, # The int value. 1255 "strVal": "A String", # The string value. 1256 "type": 42, # The type of the value. 1257 }, 1258 }, 1259 }, 1260 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1261 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1262 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1263 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1264 }, 1265 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1266 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1267 "a_key": "A String", 1268 }, 1269 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1270 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1271 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1272 }, 1273 }, 1274 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1275 "a_key": "A String", 1276 }, 1277 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1278 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1279 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1280 }, 1281 }, 1282 }, 1283 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1284 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1285 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1286 "add": [ # Added capabilities +optional 1287 "A String", 1288 ], 1289 "drop": [ # Removed capabilities +optional 1290 "A String", 1291 ], 1292 }, 1293 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1294 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1295 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1296 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1297 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1298 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1299 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1300 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1301 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1302 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1303 }, 1304 }, 1305 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1306 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1307 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1308 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1309 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1310 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1311 { # volumeDevice describes a mapping of a raw block device within a container. 1312 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1313 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1314 }, 1315 ], 1316 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1317 { # VolumeMount describes a mounting of a Volume within a container. 1318 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1319 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1320 "name": "A String", # This must match the Name of a Volume. 1321 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1322 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1323 }, 1324 ], 1325 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1326 }, 1327 ], 1328 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 1329 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1330 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 1331 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 1332 "volumes": [ 1333 { # Volume represents a named volume in a container. 1334 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1335 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1336 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1337 { # Maps a string key to a path within a volume. 1338 "key": "A String", # The key to project. 1339 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1340 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1341 }, 1342 ], 1343 "name": "A String", # Name of the config. 1344 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1345 }, 1346 "name": "A String", # Volume's name. 1347 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1348 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1349 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1350 { # Maps a string key to a path within a volume. 1351 "key": "A String", # The key to project. 1352 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1353 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1354 }, 1355 ], 1356 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1357 "secretName": "A String", # Name of the secret in the container's namespace to use. 1358 }, 1359 }, 1360 ], 1361 }, 1362 }, 1363 }, 1364 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 1365 }, 1366 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 1367 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 1368 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 1369 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 1370 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 1371 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 1372 "a_key": "A String", 1373 }, 1374 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 1375 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1376 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 1377 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1378 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 1379 "A String", 1380 ], 1381 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 1382 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 1383 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 1384 "a_key": "A String", 1385 }, 1386 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1387 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1388 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 1389 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1390 "apiVersion": "A String", # API version of the referent. 1391 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1392 "controller": True or False, # If true, this reference points to the managing controller. +optional 1393 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1394 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1395 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1396 }, 1397 ], 1398 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 1399 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 1400 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 1401 }, 1402 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 1403 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 1404 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 1405 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1406 "A String", 1407 ], 1408 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1409 "A String", 1410 ], 1411 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 1412 { # EnvVar represents an environment variable present in a Container. 1413 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1414 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 1415 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 1416 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 1417 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 1418 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1419 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1420 }, 1421 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 1422 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 1423 }, 1424 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 1425 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 1426 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1427 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1428 }, 1429 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 1430 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 1431 }, 1432 }, 1433 }, 1434 ], 1435 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 1436 { # EnvFromSource represents the source of a set of ConfigMaps 1437 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 1438 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1439 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1440 }, 1441 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 1442 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 1443 }, 1444 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 1445 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 1446 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1447 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1448 }, 1449 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 1450 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 1451 }, 1452 }, 1453 ], 1454 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1455 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 1456 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 1457 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1458 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1459 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1460 "A String", 1461 ], 1462 }, 1463 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1464 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1465 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1466 { # HTTPHeader describes a custom header to be used in HTTP probes 1467 "name": "A String", # The header field name 1468 "value": "A String", # The header field value 1469 }, 1470 ], 1471 "path": "A String", # Path to access on the HTTP server. +optional 1472 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1473 "intVal": 42, # The int value. 1474 "strVal": "A String", # The string value. 1475 "type": 42, # The type of the value. 1476 }, 1477 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1478 }, 1479 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1480 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1481 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1482 "intVal": 42, # The int value. 1483 "strVal": "A String", # The string value. 1484 "type": 42, # The type of the value. 1485 }, 1486 }, 1487 }, 1488 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1489 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1490 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1491 "A String", 1492 ], 1493 }, 1494 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1495 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1496 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1497 { # HTTPHeader describes a custom header to be used in HTTP probes 1498 "name": "A String", # The header field name 1499 "value": "A String", # The header field value 1500 }, 1501 ], 1502 "path": "A String", # Path to access on the HTTP server. +optional 1503 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1504 "intVal": 42, # The int value. 1505 "strVal": "A String", # The string value. 1506 "type": 42, # The type of the value. 1507 }, 1508 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1509 }, 1510 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1511 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1512 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1513 "intVal": 42, # The int value. 1514 "strVal": "A String", # The string value. 1515 "type": 42, # The type of the value. 1516 }, 1517 }, 1518 }, 1519 }, 1520 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1521 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1522 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1523 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1524 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1525 "A String", 1526 ], 1527 }, 1528 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1529 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1530 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1531 { # HTTPHeader describes a custom header to be used in HTTP probes 1532 "name": "A String", # The header field name 1533 "value": "A String", # The header field value 1534 }, 1535 ], 1536 "path": "A String", # Path to access on the HTTP server. +optional 1537 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1538 "intVal": 42, # The int value. 1539 "strVal": "A String", # The string value. 1540 "type": 42, # The type of the value. 1541 }, 1542 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1543 }, 1544 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1545 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1546 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1547 "intVal": 42, # The int value. 1548 "strVal": "A String", # The string value. 1549 "type": 42, # The type of the value. 1550 }, 1551 }, 1552 }, 1553 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1554 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1555 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1556 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1557 }, 1558 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 1559 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 1560 { # ContainerPort represents a network port in a single container. 1561 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1562 "hostIP": "A String", # What host IP to bind the external port to. +optional 1563 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 1564 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 1565 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 1566 }, 1567 ], 1568 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1569 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1570 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1571 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1572 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1573 "A String", 1574 ], 1575 }, 1576 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1577 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1578 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1579 { # HTTPHeader describes a custom header to be used in HTTP probes 1580 "name": "A String", # The header field name 1581 "value": "A String", # The header field value 1582 }, 1583 ], 1584 "path": "A String", # Path to access on the HTTP server. +optional 1585 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1586 "intVal": 42, # The int value. 1587 "strVal": "A String", # The string value. 1588 "type": 42, # The type of the value. 1589 }, 1590 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1591 }, 1592 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1593 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1594 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1595 "intVal": 42, # The int value. 1596 "strVal": "A String", # The string value. 1597 "type": 42, # The type of the value. 1598 }, 1599 }, 1600 }, 1601 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1602 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1603 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1604 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1605 }, 1606 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1607 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1608 "a_key": "A String", 1609 }, 1610 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1611 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1612 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1613 }, 1614 }, 1615 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1616 "a_key": "A String", 1617 }, 1618 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1619 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1620 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1621 }, 1622 }, 1623 }, 1624 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1625 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1626 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1627 "add": [ # Added capabilities +optional 1628 "A String", 1629 ], 1630 "drop": [ # Removed capabilities +optional 1631 "A String", 1632 ], 1633 }, 1634 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1635 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1636 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1637 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1638 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1639 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1640 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1641 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1642 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1643 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1644 }, 1645 }, 1646 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1647 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1648 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1649 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1650 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1651 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1652 { # volumeDevice describes a mapping of a raw block device within a container. 1653 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1654 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1655 }, 1656 ], 1657 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1658 { # VolumeMount describes a mounting of a Volume within a container. 1659 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1660 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1661 "name": "A String", # This must match the Name of a Volume. 1662 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1663 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1664 }, 1665 ], 1666 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1667 }, 1668 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 1669 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 1670 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 1671 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1672 "A String", 1673 ], 1674 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 1675 "A String", 1676 ], 1677 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 1678 { # EnvVar represents an environment variable present in a Container. 1679 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 1680 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 1681 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 1682 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 1683 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 1684 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1685 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1686 }, 1687 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 1688 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 1689 }, 1690 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 1691 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 1692 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1693 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1694 }, 1695 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 1696 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 1697 }, 1698 }, 1699 }, 1700 ], 1701 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 1702 { # EnvFromSource represents the source of a set of ConfigMaps 1703 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 1704 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1705 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1706 }, 1707 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 1708 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 1709 }, 1710 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 1711 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 1712 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 1713 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 1714 }, 1715 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 1716 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 1717 }, 1718 }, 1719 ], 1720 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 1721 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 1722 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 1723 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1724 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1725 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1726 "A String", 1727 ], 1728 }, 1729 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1730 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1731 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1732 { # HTTPHeader describes a custom header to be used in HTTP probes 1733 "name": "A String", # The header field name 1734 "value": "A String", # The header field value 1735 }, 1736 ], 1737 "path": "A String", # Path to access on the HTTP server. +optional 1738 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1739 "intVal": 42, # The int value. 1740 "strVal": "A String", # The string value. 1741 "type": 42, # The type of the value. 1742 }, 1743 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1744 }, 1745 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1746 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1747 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1748 "intVal": 42, # The int value. 1749 "strVal": "A String", # The string value. 1750 "type": 42, # The type of the value. 1751 }, 1752 }, 1753 }, 1754 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 1755 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1756 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1757 "A String", 1758 ], 1759 }, 1760 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1761 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1762 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1763 { # HTTPHeader describes a custom header to be used in HTTP probes 1764 "name": "A String", # The header field name 1765 "value": "A String", # The header field value 1766 }, 1767 ], 1768 "path": "A String", # Path to access on the HTTP server. +optional 1769 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1770 "intVal": 42, # The int value. 1771 "strVal": "A String", # The string value. 1772 "type": 42, # The type of the value. 1773 }, 1774 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1775 }, 1776 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1777 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1778 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1779 "intVal": 42, # The int value. 1780 "strVal": "A String", # The string value. 1781 "type": 42, # The type of the value. 1782 }, 1783 }, 1784 }, 1785 }, 1786 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1787 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1788 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1789 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1790 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1791 "A String", 1792 ], 1793 }, 1794 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1795 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1796 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1797 { # HTTPHeader describes a custom header to be used in HTTP probes 1798 "name": "A String", # The header field name 1799 "value": "A String", # The header field value 1800 }, 1801 ], 1802 "path": "A String", # Path to access on the HTTP server. +optional 1803 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1804 "intVal": 42, # The int value. 1805 "strVal": "A String", # The string value. 1806 "type": 42, # The type of the value. 1807 }, 1808 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1809 }, 1810 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1811 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1812 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1813 "intVal": 42, # The int value. 1814 "strVal": "A String", # The string value. 1815 "type": 42, # The type of the value. 1816 }, 1817 }, 1818 }, 1819 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1820 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1821 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1822 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1823 }, 1824 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 1825 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 1826 { # ContainerPort represents a network port in a single container. 1827 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 1828 "hostIP": "A String", # What host IP to bind the external port to. +optional 1829 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 1830 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 1831 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 1832 }, 1833 ], 1834 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1835 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 1836 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 1837 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 1838 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 1839 "A String", 1840 ], 1841 }, 1842 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 1843 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 1844 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 1845 { # HTTPHeader describes a custom header to be used in HTTP probes 1846 "name": "A String", # The header field name 1847 "value": "A String", # The header field value 1848 }, 1849 ], 1850 "path": "A String", # Path to access on the HTTP server. +optional 1851 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1852 "intVal": 42, # The int value. 1853 "strVal": "A String", # The string value. 1854 "type": 42, # The type of the value. 1855 }, 1856 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 1857 }, 1858 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 1859 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 1860 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 1861 "intVal": 42, # The int value. 1862 "strVal": "A String", # The string value. 1863 "type": 42, # The type of the value. 1864 }, 1865 }, 1866 }, 1867 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1868 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 1869 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 1870 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 1871 }, 1872 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 1873 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1874 "a_key": "A String", 1875 }, 1876 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 1877 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1878 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1879 }, 1880 }, 1881 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 1882 "a_key": "A String", 1883 }, 1884 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 1885 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 1886 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 1887 }, 1888 }, 1889 }, 1890 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 1891 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 1892 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 1893 "add": [ # Added capabilities +optional 1894 "A String", 1895 ], 1896 "drop": [ # Removed capabilities +optional 1897 "A String", 1898 ], 1899 }, 1900 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 1901 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 1902 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1903 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1904 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1905 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 1906 "level": "A String", # Level is SELinux level label that applies to the container. +optional 1907 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 1908 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 1909 "user": "A String", # User is a SELinux user label that applies to the container. +optional 1910 }, 1911 }, 1912 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 1913 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 1914 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 1915 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 1916 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 1917 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 1918 { # volumeDevice describes a mapping of a raw block device within a container. 1919 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 1920 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 1921 }, 1922 ], 1923 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 1924 { # VolumeMount describes a mounting of a Volume within a container. 1925 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 1926 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 1927 "name": "A String", # This must match the Name of a Volume. 1928 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 1929 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 1930 }, 1931 ], 1932 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 1933 }, 1934 ], 1935 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 1936 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 1937 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 1938 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 1939 "volumes": [ 1940 { # Volume represents a named volume in a container. 1941 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 1942 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1943 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1944 { # Maps a string key to a path within a volume. 1945 "key": "A String", # The key to project. 1946 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1947 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1948 }, 1949 ], 1950 "name": "A String", # Name of the config. 1951 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1952 }, 1953 "name": "A String", # Volume's name. 1954 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 1955 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 1956 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 1957 { # Maps a string key to a path within a volume. 1958 "key": "A String", # The key to project. 1959 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 1960 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 1961 }, 1962 ], 1963 "optional": True or False, # Specify whether the Secret or its keys must be defined. 1964 "secretName": "A String", # Name of the secret in the container's namespace to use. 1965 }, 1966 }, 1967 ], 1968 }, 1969 }, 1970 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 1971 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 1972 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 1973 "a_key": "A String", 1974 }, 1975 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 1976 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1977 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 1978 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 1979 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 1980 "A String", 1981 ], 1982 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 1983 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 1984 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 1985 "a_key": "A String", 1986 }, 1987 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 1988 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 1989 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 1990 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 1991 "apiVersion": "A String", # API version of the referent. 1992 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 1993 "controller": True or False, # If true, this reference points to the managing controller. +optional 1994 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 1995 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 1996 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 1997 }, 1998 ], 1999 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 2000 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 2001 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 2002 }, 2003 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 2004 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 2005 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 2006 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2007 "A String", 2008 ], 2009 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2010 "A String", 2011 ], 2012 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2013 { # EnvVar represents an environment variable present in a Container. 2014 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2015 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2016 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2017 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2018 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2019 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2020 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2021 }, 2022 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2023 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2024 }, 2025 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2026 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2027 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2028 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2029 }, 2030 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2031 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2032 }, 2033 }, 2034 }, 2035 ], 2036 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2037 { # EnvFromSource represents the source of a set of ConfigMaps 2038 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2039 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2040 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2041 }, 2042 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2043 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2044 }, 2045 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2046 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2047 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2048 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2049 }, 2050 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2051 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2052 }, 2053 }, 2054 ], 2055 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2056 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2057 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2058 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2059 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2060 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2061 "A String", 2062 ], 2063 }, 2064 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2065 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2066 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2067 { # HTTPHeader describes a custom header to be used in HTTP probes 2068 "name": "A String", # The header field name 2069 "value": "A String", # The header field value 2070 }, 2071 ], 2072 "path": "A String", # Path to access on the HTTP server. +optional 2073 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2074 "intVal": 42, # The int value. 2075 "strVal": "A String", # The string value. 2076 "type": 42, # The type of the value. 2077 }, 2078 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2079 }, 2080 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2081 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2082 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2083 "intVal": 42, # The int value. 2084 "strVal": "A String", # The string value. 2085 "type": 42, # The type of the value. 2086 }, 2087 }, 2088 }, 2089 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2090 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2091 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2092 "A String", 2093 ], 2094 }, 2095 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2096 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2097 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2098 { # HTTPHeader describes a custom header to be used in HTTP probes 2099 "name": "A String", # The header field name 2100 "value": "A String", # The header field value 2101 }, 2102 ], 2103 "path": "A String", # Path to access on the HTTP server. +optional 2104 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2105 "intVal": 42, # The int value. 2106 "strVal": "A String", # The string value. 2107 "type": 42, # The type of the value. 2108 }, 2109 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2110 }, 2111 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2112 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2113 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2114 "intVal": 42, # The int value. 2115 "strVal": "A String", # The string value. 2116 "type": 42, # The type of the value. 2117 }, 2118 }, 2119 }, 2120 }, 2121 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2122 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2123 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2124 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2125 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2126 "A String", 2127 ], 2128 }, 2129 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2130 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2131 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2132 { # HTTPHeader describes a custom header to be used in HTTP probes 2133 "name": "A String", # The header field name 2134 "value": "A String", # The header field value 2135 }, 2136 ], 2137 "path": "A String", # Path to access on the HTTP server. +optional 2138 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2139 "intVal": 42, # The int value. 2140 "strVal": "A String", # The string value. 2141 "type": 42, # The type of the value. 2142 }, 2143 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2144 }, 2145 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2146 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2147 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2148 "intVal": 42, # The int value. 2149 "strVal": "A String", # The string value. 2150 "type": 42, # The type of the value. 2151 }, 2152 }, 2153 }, 2154 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2155 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2156 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2157 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2158 }, 2159 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 2160 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 2161 { # ContainerPort represents a network port in a single container. 2162 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2163 "hostIP": "A String", # What host IP to bind the external port to. +optional 2164 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 2165 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 2166 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 2167 }, 2168 ], 2169 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2170 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2171 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2172 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2173 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2174 "A String", 2175 ], 2176 }, 2177 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2178 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2179 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2180 { # HTTPHeader describes a custom header to be used in HTTP probes 2181 "name": "A String", # The header field name 2182 "value": "A String", # The header field value 2183 }, 2184 ], 2185 "path": "A String", # Path to access on the HTTP server. +optional 2186 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2187 "intVal": 42, # The int value. 2188 "strVal": "A String", # The string value. 2189 "type": 42, # The type of the value. 2190 }, 2191 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2192 }, 2193 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2194 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2195 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2196 "intVal": 42, # The int value. 2197 "strVal": "A String", # The string value. 2198 "type": 42, # The type of the value. 2199 }, 2200 }, 2201 }, 2202 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2203 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2204 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2205 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2206 }, 2207 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 2208 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2209 "a_key": "A String", 2210 }, 2211 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 2212 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2213 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2214 }, 2215 }, 2216 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2217 "a_key": "A String", 2218 }, 2219 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 2220 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2221 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2222 }, 2223 }, 2224 }, 2225 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 2226 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 2227 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 2228 "add": [ # Added capabilities +optional 2229 "A String", 2230 ], 2231 "drop": [ # Removed capabilities +optional 2232 "A String", 2233 ], 2234 }, 2235 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 2236 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 2237 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2238 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2239 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2240 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2241 "level": "A String", # Level is SELinux level label that applies to the container. +optional 2242 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 2243 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 2244 "user": "A String", # User is a SELinux user label that applies to the container. +optional 2245 }, 2246 }, 2247 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 2248 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 2249 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 2250 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 2251 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 2252 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 2253 { # volumeDevice describes a mapping of a raw block device within a container. 2254 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 2255 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 2256 }, 2257 ], 2258 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 2259 { # VolumeMount describes a mounting of a Volume within a container. 2260 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2261 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 2262 "name": "A String", # This must match the Name of a Volume. 2263 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 2264 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 2265 }, 2266 ], 2267 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 2268 }, 2269 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 2270 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 2271 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 2272 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2273 "A String", 2274 ], 2275 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2276 "A String", 2277 ], 2278 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2279 { # EnvVar represents an environment variable present in a Container. 2280 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2281 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2282 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2283 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2284 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2285 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2286 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2287 }, 2288 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2289 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2290 }, 2291 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2292 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2293 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2294 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2295 }, 2296 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2297 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2298 }, 2299 }, 2300 }, 2301 ], 2302 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2303 { # EnvFromSource represents the source of a set of ConfigMaps 2304 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2305 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2306 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2307 }, 2308 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2309 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2310 }, 2311 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2312 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2313 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2314 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2315 }, 2316 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2317 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2318 }, 2319 }, 2320 ], 2321 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2322 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2323 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2324 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2325 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2326 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2327 "A String", 2328 ], 2329 }, 2330 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2331 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2332 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2333 { # HTTPHeader describes a custom header to be used in HTTP probes 2334 "name": "A String", # The header field name 2335 "value": "A String", # The header field value 2336 }, 2337 ], 2338 "path": "A String", # Path to access on the HTTP server. +optional 2339 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2340 "intVal": 42, # The int value. 2341 "strVal": "A String", # The string value. 2342 "type": 42, # The type of the value. 2343 }, 2344 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2345 }, 2346 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2347 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2348 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2349 "intVal": 42, # The int value. 2350 "strVal": "A String", # The string value. 2351 "type": 42, # The type of the value. 2352 }, 2353 }, 2354 }, 2355 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2356 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2357 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2358 "A String", 2359 ], 2360 }, 2361 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2362 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2363 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2364 { # HTTPHeader describes a custom header to be used in HTTP probes 2365 "name": "A String", # The header field name 2366 "value": "A String", # The header field value 2367 }, 2368 ], 2369 "path": "A String", # Path to access on the HTTP server. +optional 2370 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2371 "intVal": 42, # The int value. 2372 "strVal": "A String", # The string value. 2373 "type": 42, # The type of the value. 2374 }, 2375 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2376 }, 2377 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2378 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2379 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2380 "intVal": 42, # The int value. 2381 "strVal": "A String", # The string value. 2382 "type": 42, # The type of the value. 2383 }, 2384 }, 2385 }, 2386 }, 2387 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2388 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2389 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2390 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2391 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2392 "A String", 2393 ], 2394 }, 2395 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2396 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2397 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2398 { # HTTPHeader describes a custom header to be used in HTTP probes 2399 "name": "A String", # The header field name 2400 "value": "A String", # The header field value 2401 }, 2402 ], 2403 "path": "A String", # Path to access on the HTTP server. +optional 2404 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2405 "intVal": 42, # The int value. 2406 "strVal": "A String", # The string value. 2407 "type": 42, # The type of the value. 2408 }, 2409 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2410 }, 2411 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2412 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2413 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2414 "intVal": 42, # The int value. 2415 "strVal": "A String", # The string value. 2416 "type": 42, # The type of the value. 2417 }, 2418 }, 2419 }, 2420 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2421 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2422 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2423 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2424 }, 2425 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 2426 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 2427 { # ContainerPort represents a network port in a single container. 2428 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2429 "hostIP": "A String", # What host IP to bind the external port to. +optional 2430 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 2431 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 2432 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 2433 }, 2434 ], 2435 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2436 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2437 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2438 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2439 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2440 "A String", 2441 ], 2442 }, 2443 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2444 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2445 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2446 { # HTTPHeader describes a custom header to be used in HTTP probes 2447 "name": "A String", # The header field name 2448 "value": "A String", # The header field value 2449 }, 2450 ], 2451 "path": "A String", # Path to access on the HTTP server. +optional 2452 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2453 "intVal": 42, # The int value. 2454 "strVal": "A String", # The string value. 2455 "type": 42, # The type of the value. 2456 }, 2457 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2458 }, 2459 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2460 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2461 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2462 "intVal": 42, # The int value. 2463 "strVal": "A String", # The string value. 2464 "type": 42, # The type of the value. 2465 }, 2466 }, 2467 }, 2468 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2469 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2470 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2471 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2472 }, 2473 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 2474 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2475 "a_key": "A String", 2476 }, 2477 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 2478 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2479 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2480 }, 2481 }, 2482 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2483 "a_key": "A String", 2484 }, 2485 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 2486 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2487 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2488 }, 2489 }, 2490 }, 2491 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 2492 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 2493 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 2494 "add": [ # Added capabilities +optional 2495 "A String", 2496 ], 2497 "drop": [ # Removed capabilities +optional 2498 "A String", 2499 ], 2500 }, 2501 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 2502 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 2503 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2504 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2505 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2506 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2507 "level": "A String", # Level is SELinux level label that applies to the container. +optional 2508 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 2509 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 2510 "user": "A String", # User is a SELinux user label that applies to the container. +optional 2511 }, 2512 }, 2513 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 2514 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 2515 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 2516 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 2517 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 2518 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 2519 { # volumeDevice describes a mapping of a raw block device within a container. 2520 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 2521 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 2522 }, 2523 ], 2524 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 2525 { # VolumeMount describes a mounting of a Volume within a container. 2526 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2527 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 2528 "name": "A String", # This must match the Name of a Volume. 2529 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 2530 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 2531 }, 2532 ], 2533 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 2534 }, 2535 ], 2536 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 2537 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 2538 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 2539 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 2540 "volumes": [ 2541 { # Volume represents a named volume in a container. 2542 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 2543 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2544 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 2545 { # Maps a string key to a path within a volume. 2546 "key": "A String", # The key to project. 2547 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 2548 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2549 }, 2550 ], 2551 "name": "A String", # Name of the config. 2552 "optional": True or False, # Specify whether the Secret or its keys must be defined. 2553 }, 2554 "name": "A String", # Volume's name. 2555 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 2556 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 2557 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 2558 { # Maps a string key to a path within a volume. 2559 "key": "A String", # The key to project. 2560 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 2561 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 2562 }, 2563 ], 2564 "optional": True or False, # Specify whether the Secret or its keys must be defined. 2565 "secretName": "A String", # Name of the secret in the container's namespace to use. 2566 }, 2567 }, 2568 ], 2569 }, 2570 }, 2571 }, 2572 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 2573 "A String", 2574 ], 2575 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 2576 }, 2577 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 2578 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 2579 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 2580 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 2581 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 2582 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 2583 "a_key": "A String", 2584 }, 2585 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 2586 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 2587 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 2588 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 2589 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 2590 "A String", 2591 ], 2592 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 2593 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 2594 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 2595 "a_key": "A String", 2596 }, 2597 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 2598 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 2599 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 2600 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 2601 "apiVersion": "A String", # API version of the referent. 2602 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 2603 "controller": True or False, # If true, this reference points to the managing controller. +optional 2604 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 2605 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 2606 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 2607 }, 2608 ], 2609 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 2610 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 2611 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 2612 }, 2613 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 2614 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 2615 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 2616 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2617 "A String", 2618 ], 2619 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2620 "A String", 2621 ], 2622 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2623 { # EnvVar represents an environment variable present in a Container. 2624 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2625 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2626 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2627 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2628 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2629 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2630 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2631 }, 2632 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2633 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2634 }, 2635 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2636 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2637 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2638 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2639 }, 2640 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2641 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2642 }, 2643 }, 2644 }, 2645 ], 2646 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2647 { # EnvFromSource represents the source of a set of ConfigMaps 2648 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2649 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2650 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2651 }, 2652 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2653 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2654 }, 2655 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2656 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2657 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2658 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2659 }, 2660 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2661 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2662 }, 2663 }, 2664 ], 2665 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2666 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2667 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2668 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2669 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2670 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2671 "A String", 2672 ], 2673 }, 2674 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2675 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2676 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2677 { # HTTPHeader describes a custom header to be used in HTTP probes 2678 "name": "A String", # The header field name 2679 "value": "A String", # The header field value 2680 }, 2681 ], 2682 "path": "A String", # Path to access on the HTTP server. +optional 2683 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2684 "intVal": 42, # The int value. 2685 "strVal": "A String", # The string value. 2686 "type": 42, # The type of the value. 2687 }, 2688 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2689 }, 2690 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2691 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2692 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2693 "intVal": 42, # The int value. 2694 "strVal": "A String", # The string value. 2695 "type": 42, # The type of the value. 2696 }, 2697 }, 2698 }, 2699 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2700 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2701 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2702 "A String", 2703 ], 2704 }, 2705 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2706 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2707 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2708 { # HTTPHeader describes a custom header to be used in HTTP probes 2709 "name": "A String", # The header field name 2710 "value": "A String", # The header field value 2711 }, 2712 ], 2713 "path": "A String", # Path to access on the HTTP server. +optional 2714 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2715 "intVal": 42, # The int value. 2716 "strVal": "A String", # The string value. 2717 "type": 42, # The type of the value. 2718 }, 2719 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2720 }, 2721 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2722 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2723 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2724 "intVal": 42, # The int value. 2725 "strVal": "A String", # The string value. 2726 "type": 42, # The type of the value. 2727 }, 2728 }, 2729 }, 2730 }, 2731 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2732 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2733 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2734 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2735 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2736 "A String", 2737 ], 2738 }, 2739 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2740 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2741 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2742 { # HTTPHeader describes a custom header to be used in HTTP probes 2743 "name": "A String", # The header field name 2744 "value": "A String", # The header field value 2745 }, 2746 ], 2747 "path": "A String", # Path to access on the HTTP server. +optional 2748 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2749 "intVal": 42, # The int value. 2750 "strVal": "A String", # The string value. 2751 "type": 42, # The type of the value. 2752 }, 2753 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2754 }, 2755 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2756 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2757 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2758 "intVal": 42, # The int value. 2759 "strVal": "A String", # The string value. 2760 "type": 42, # The type of the value. 2761 }, 2762 }, 2763 }, 2764 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2765 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2766 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2767 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2768 }, 2769 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 2770 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 2771 { # ContainerPort represents a network port in a single container. 2772 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 2773 "hostIP": "A String", # What host IP to bind the external port to. +optional 2774 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 2775 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 2776 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 2777 }, 2778 ], 2779 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2780 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2781 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 2782 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2783 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2784 "A String", 2785 ], 2786 }, 2787 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2788 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2789 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2790 { # HTTPHeader describes a custom header to be used in HTTP probes 2791 "name": "A String", # The header field name 2792 "value": "A String", # The header field value 2793 }, 2794 ], 2795 "path": "A String", # Path to access on the HTTP server. +optional 2796 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2797 "intVal": 42, # The int value. 2798 "strVal": "A String", # The string value. 2799 "type": 42, # The type of the value. 2800 }, 2801 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2802 }, 2803 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2804 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2805 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2806 "intVal": 42, # The int value. 2807 "strVal": "A String", # The string value. 2808 "type": 42, # The type of the value. 2809 }, 2810 }, 2811 }, 2812 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2813 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 2814 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 2815 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2816 }, 2817 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 2818 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2819 "a_key": "A String", 2820 }, 2821 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 2822 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2823 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2824 }, 2825 }, 2826 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 2827 "a_key": "A String", 2828 }, 2829 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 2830 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 2831 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 2832 }, 2833 }, 2834 }, 2835 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 2836 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 2837 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 2838 "add": [ # Added capabilities +optional 2839 "A String", 2840 ], 2841 "drop": [ # Removed capabilities +optional 2842 "A String", 2843 ], 2844 }, 2845 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 2846 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 2847 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2848 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2849 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2850 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 2851 "level": "A String", # Level is SELinux level label that applies to the container. +optional 2852 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 2853 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 2854 "user": "A String", # User is a SELinux user label that applies to the container. +optional 2855 }, 2856 }, 2857 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 2858 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 2859 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 2860 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 2861 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 2862 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 2863 { # volumeDevice describes a mapping of a raw block device within a container. 2864 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 2865 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 2866 }, 2867 ], 2868 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 2869 { # VolumeMount describes a mounting of a Volume within a container. 2870 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 2871 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 2872 "name": "A String", # This must match the Name of a Volume. 2873 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 2874 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 2875 }, 2876 ], 2877 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 2878 }, 2879 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 2880 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 2881 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 2882 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2883 "A String", 2884 ], 2885 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 2886 "A String", 2887 ], 2888 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 2889 { # EnvVar represents an environment variable present in a Container. 2890 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 2891 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 2892 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 2893 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 2894 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 2895 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2896 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2897 }, 2898 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 2899 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 2900 }, 2901 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 2902 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 2903 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2904 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2905 }, 2906 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 2907 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 2908 }, 2909 }, 2910 }, 2911 ], 2912 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 2913 { # EnvFromSource represents the source of a set of ConfigMaps 2914 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 2915 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2916 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2917 }, 2918 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 2919 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 2920 }, 2921 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 2922 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 2923 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 2924 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 2925 }, 2926 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 2927 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 2928 }, 2929 }, 2930 ], 2931 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 2932 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 2933 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 2934 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2935 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2936 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2937 "A String", 2938 ], 2939 }, 2940 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2941 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2942 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2943 { # HTTPHeader describes a custom header to be used in HTTP probes 2944 "name": "A String", # The header field name 2945 "value": "A String", # The header field value 2946 }, 2947 ], 2948 "path": "A String", # Path to access on the HTTP server. +optional 2949 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2950 "intVal": 42, # The int value. 2951 "strVal": "A String", # The string value. 2952 "type": 42, # The type of the value. 2953 }, 2954 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2955 }, 2956 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2957 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2958 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2959 "intVal": 42, # The int value. 2960 "strVal": "A String", # The string value. 2961 "type": 42, # The type of the value. 2962 }, 2963 }, 2964 }, 2965 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 2966 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 2967 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 2968 "A String", 2969 ], 2970 }, 2971 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 2972 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 2973 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 2974 { # HTTPHeader describes a custom header to be used in HTTP probes 2975 "name": "A String", # The header field name 2976 "value": "A String", # The header field value 2977 }, 2978 ], 2979 "path": "A String", # Path to access on the HTTP server. +optional 2980 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2981 "intVal": 42, # The int value. 2982 "strVal": "A String", # The string value. 2983 "type": 42, # The type of the value. 2984 }, 2985 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 2986 }, 2987 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 2988 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 2989 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 2990 "intVal": 42, # The int value. 2991 "strVal": "A String", # The string value. 2992 "type": 42, # The type of the value. 2993 }, 2994 }, 2995 }, 2996 }, 2997 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 2998 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 2999 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3000 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3001 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3002 "A String", 3003 ], 3004 }, 3005 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3006 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3007 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3008 { # HTTPHeader describes a custom header to be used in HTTP probes 3009 "name": "A String", # The header field name 3010 "value": "A String", # The header field value 3011 }, 3012 ], 3013 "path": "A String", # Path to access on the HTTP server. +optional 3014 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3015 "intVal": 42, # The int value. 3016 "strVal": "A String", # The string value. 3017 "type": 42, # The type of the value. 3018 }, 3019 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3020 }, 3021 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3022 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3023 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3024 "intVal": 42, # The int value. 3025 "strVal": "A String", # The string value. 3026 "type": 42, # The type of the value. 3027 }, 3028 }, 3029 }, 3030 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3031 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3032 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3033 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3034 }, 3035 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3036 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3037 { # ContainerPort represents a network port in a single container. 3038 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3039 "hostIP": "A String", # What host IP to bind the external port to. +optional 3040 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3041 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3042 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3043 }, 3044 ], 3045 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3046 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3047 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3048 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3049 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3050 "A String", 3051 ], 3052 }, 3053 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3054 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3055 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3056 { # HTTPHeader describes a custom header to be used in HTTP probes 3057 "name": "A String", # The header field name 3058 "value": "A String", # The header field value 3059 }, 3060 ], 3061 "path": "A String", # Path to access on the HTTP server. +optional 3062 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3063 "intVal": 42, # The int value. 3064 "strVal": "A String", # The string value. 3065 "type": 42, # The type of the value. 3066 }, 3067 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3068 }, 3069 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3070 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3071 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3072 "intVal": 42, # The int value. 3073 "strVal": "A String", # The string value. 3074 "type": 42, # The type of the value. 3075 }, 3076 }, 3077 }, 3078 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3079 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3080 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3081 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3082 }, 3083 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 3084 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3085 "a_key": "A String", 3086 }, 3087 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 3088 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3089 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3090 }, 3091 }, 3092 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3093 "a_key": "A String", 3094 }, 3095 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 3096 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3097 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3098 }, 3099 }, 3100 }, 3101 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 3102 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 3103 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 3104 "add": [ # Added capabilities +optional 3105 "A String", 3106 ], 3107 "drop": [ # Removed capabilities +optional 3108 "A String", 3109 ], 3110 }, 3111 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 3112 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 3113 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3114 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3115 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3116 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3117 "level": "A String", # Level is SELinux level label that applies to the container. +optional 3118 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 3119 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 3120 "user": "A String", # User is a SELinux user label that applies to the container. +optional 3121 }, 3122 }, 3123 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 3124 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 3125 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 3126 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 3127 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 3128 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 3129 { # volumeDevice describes a mapping of a raw block device within a container. 3130 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 3131 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 3132 }, 3133 ], 3134 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 3135 { # VolumeMount describes a mounting of a Volume within a container. 3136 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 3137 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 3138 "name": "A String", # This must match the Name of a Volume. 3139 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 3140 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 3141 }, 3142 ], 3143 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 3144 }, 3145 ], 3146 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 3147 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 3148 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 3149 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 3150 "volumes": [ 3151 { # Volume represents a named volume in a container. 3152 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 3153 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3154 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3155 { # Maps a string key to a path within a volume. 3156 "key": "A String", # The key to project. 3157 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3158 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3159 }, 3160 ], 3161 "name": "A String", # Name of the config. 3162 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3163 }, 3164 "name": "A String", # Volume's name. 3165 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 3166 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3167 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3168 { # Maps a string key to a path within a volume. 3169 "key": "A String", # The key to project. 3170 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3171 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3172 }, 3173 ], 3174 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3175 "secretName": "A String", # Name of the secret in the container's namespace to use. 3176 }, 3177 }, 3178 ], 3179 }, 3180 }, 3181 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 3182 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 3183 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 3184 "a_key": "A String", 3185 }, 3186 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 3187 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3188 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 3189 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3190 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 3191 "A String", 3192 ], 3193 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 3194 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 3195 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 3196 "a_key": "A String", 3197 }, 3198 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 3199 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 3200 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 3201 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 3202 "apiVersion": "A String", # API version of the referent. 3203 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 3204 "controller": True or False, # If true, this reference points to the managing controller. +optional 3205 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3206 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 3207 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 3208 }, 3209 ], 3210 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 3211 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 3212 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 3213 }, 3214 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 3215 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 3216 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 3217 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3218 "A String", 3219 ], 3220 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3221 "A String", 3222 ], 3223 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 3224 { # EnvVar represents an environment variable present in a Container. 3225 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 3226 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 3227 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 3228 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 3229 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 3230 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3231 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3232 }, 3233 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 3234 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 3235 }, 3236 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 3237 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 3238 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3239 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3240 }, 3241 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 3242 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 3243 }, 3244 }, 3245 }, 3246 ], 3247 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 3248 { # EnvFromSource represents the source of a set of ConfigMaps 3249 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 3250 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3251 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3252 }, 3253 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 3254 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 3255 }, 3256 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 3257 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 3258 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3259 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3260 }, 3261 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 3262 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 3263 }, 3264 }, 3265 ], 3266 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3267 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 3268 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 3269 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3270 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3271 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3272 "A String", 3273 ], 3274 }, 3275 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3276 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3277 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3278 { # HTTPHeader describes a custom header to be used in HTTP probes 3279 "name": "A String", # The header field name 3280 "value": "A String", # The header field value 3281 }, 3282 ], 3283 "path": "A String", # Path to access on the HTTP server. +optional 3284 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3285 "intVal": 42, # The int value. 3286 "strVal": "A String", # The string value. 3287 "type": 42, # The type of the value. 3288 }, 3289 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3290 }, 3291 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3292 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3293 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3294 "intVal": 42, # The int value. 3295 "strVal": "A String", # The string value. 3296 "type": 42, # The type of the value. 3297 }, 3298 }, 3299 }, 3300 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3301 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3302 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3303 "A String", 3304 ], 3305 }, 3306 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3307 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3308 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3309 { # HTTPHeader describes a custom header to be used in HTTP probes 3310 "name": "A String", # The header field name 3311 "value": "A String", # The header field value 3312 }, 3313 ], 3314 "path": "A String", # Path to access on the HTTP server. +optional 3315 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3316 "intVal": 42, # The int value. 3317 "strVal": "A String", # The string value. 3318 "type": 42, # The type of the value. 3319 }, 3320 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3321 }, 3322 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3323 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3324 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3325 "intVal": 42, # The int value. 3326 "strVal": "A String", # The string value. 3327 "type": 42, # The type of the value. 3328 }, 3329 }, 3330 }, 3331 }, 3332 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3333 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3334 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3335 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3336 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3337 "A String", 3338 ], 3339 }, 3340 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3341 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3342 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3343 { # HTTPHeader describes a custom header to be used in HTTP probes 3344 "name": "A String", # The header field name 3345 "value": "A String", # The header field value 3346 }, 3347 ], 3348 "path": "A String", # Path to access on the HTTP server. +optional 3349 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3350 "intVal": 42, # The int value. 3351 "strVal": "A String", # The string value. 3352 "type": 42, # The type of the value. 3353 }, 3354 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3355 }, 3356 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3357 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3358 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3359 "intVal": 42, # The int value. 3360 "strVal": "A String", # The string value. 3361 "type": 42, # The type of the value. 3362 }, 3363 }, 3364 }, 3365 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3366 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3367 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3368 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3369 }, 3370 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3371 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3372 { # ContainerPort represents a network port in a single container. 3373 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3374 "hostIP": "A String", # What host IP to bind the external port to. +optional 3375 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3376 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3377 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3378 }, 3379 ], 3380 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3381 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3382 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3383 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3384 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3385 "A String", 3386 ], 3387 }, 3388 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3389 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3390 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3391 { # HTTPHeader describes a custom header to be used in HTTP probes 3392 "name": "A String", # The header field name 3393 "value": "A String", # The header field value 3394 }, 3395 ], 3396 "path": "A String", # Path to access on the HTTP server. +optional 3397 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3398 "intVal": 42, # The int value. 3399 "strVal": "A String", # The string value. 3400 "type": 42, # The type of the value. 3401 }, 3402 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3403 }, 3404 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3405 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3406 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3407 "intVal": 42, # The int value. 3408 "strVal": "A String", # The string value. 3409 "type": 42, # The type of the value. 3410 }, 3411 }, 3412 }, 3413 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3414 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3415 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3416 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3417 }, 3418 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 3419 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3420 "a_key": "A String", 3421 }, 3422 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 3423 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3424 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3425 }, 3426 }, 3427 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3428 "a_key": "A String", 3429 }, 3430 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 3431 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3432 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3433 }, 3434 }, 3435 }, 3436 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 3437 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 3438 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 3439 "add": [ # Added capabilities +optional 3440 "A String", 3441 ], 3442 "drop": [ # Removed capabilities +optional 3443 "A String", 3444 ], 3445 }, 3446 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 3447 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 3448 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3449 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3450 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3451 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3452 "level": "A String", # Level is SELinux level label that applies to the container. +optional 3453 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 3454 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 3455 "user": "A String", # User is a SELinux user label that applies to the container. +optional 3456 }, 3457 }, 3458 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 3459 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 3460 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 3461 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 3462 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 3463 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 3464 { # volumeDevice describes a mapping of a raw block device within a container. 3465 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 3466 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 3467 }, 3468 ], 3469 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 3470 { # VolumeMount describes a mounting of a Volume within a container. 3471 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 3472 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 3473 "name": "A String", # This must match the Name of a Volume. 3474 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 3475 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 3476 }, 3477 ], 3478 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 3479 }, 3480 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 3481 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 3482 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 3483 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3484 "A String", 3485 ], 3486 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3487 "A String", 3488 ], 3489 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 3490 { # EnvVar represents an environment variable present in a Container. 3491 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 3492 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 3493 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 3494 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 3495 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 3496 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3497 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3498 }, 3499 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 3500 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 3501 }, 3502 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 3503 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 3504 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3505 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3506 }, 3507 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 3508 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 3509 }, 3510 }, 3511 }, 3512 ], 3513 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 3514 { # EnvFromSource represents the source of a set of ConfigMaps 3515 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 3516 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3517 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3518 }, 3519 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 3520 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 3521 }, 3522 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 3523 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 3524 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3525 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3526 }, 3527 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 3528 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 3529 }, 3530 }, 3531 ], 3532 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3533 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 3534 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 3535 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3536 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3537 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3538 "A String", 3539 ], 3540 }, 3541 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3542 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3543 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3544 { # HTTPHeader describes a custom header to be used in HTTP probes 3545 "name": "A String", # The header field name 3546 "value": "A String", # The header field value 3547 }, 3548 ], 3549 "path": "A String", # Path to access on the HTTP server. +optional 3550 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3551 "intVal": 42, # The int value. 3552 "strVal": "A String", # The string value. 3553 "type": 42, # The type of the value. 3554 }, 3555 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3556 }, 3557 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3558 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3559 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3560 "intVal": 42, # The int value. 3561 "strVal": "A String", # The string value. 3562 "type": 42, # The type of the value. 3563 }, 3564 }, 3565 }, 3566 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3567 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3568 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3569 "A String", 3570 ], 3571 }, 3572 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3573 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3574 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3575 { # HTTPHeader describes a custom header to be used in HTTP probes 3576 "name": "A String", # The header field name 3577 "value": "A String", # The header field value 3578 }, 3579 ], 3580 "path": "A String", # Path to access on the HTTP server. +optional 3581 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3582 "intVal": 42, # The int value. 3583 "strVal": "A String", # The string value. 3584 "type": 42, # The type of the value. 3585 }, 3586 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3587 }, 3588 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3589 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3590 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3591 "intVal": 42, # The int value. 3592 "strVal": "A String", # The string value. 3593 "type": 42, # The type of the value. 3594 }, 3595 }, 3596 }, 3597 }, 3598 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3599 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3600 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3601 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3602 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3603 "A String", 3604 ], 3605 }, 3606 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3607 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3608 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3609 { # HTTPHeader describes a custom header to be used in HTTP probes 3610 "name": "A String", # The header field name 3611 "value": "A String", # The header field value 3612 }, 3613 ], 3614 "path": "A String", # Path to access on the HTTP server. +optional 3615 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3616 "intVal": 42, # The int value. 3617 "strVal": "A String", # The string value. 3618 "type": 42, # The type of the value. 3619 }, 3620 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3621 }, 3622 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3623 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3624 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3625 "intVal": 42, # The int value. 3626 "strVal": "A String", # The string value. 3627 "type": 42, # The type of the value. 3628 }, 3629 }, 3630 }, 3631 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3632 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3633 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3634 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3635 }, 3636 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3637 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3638 { # ContainerPort represents a network port in a single container. 3639 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3640 "hostIP": "A String", # What host IP to bind the external port to. +optional 3641 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3642 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3643 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3644 }, 3645 ], 3646 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3647 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3648 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3649 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3650 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3651 "A String", 3652 ], 3653 }, 3654 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3655 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3656 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3657 { # HTTPHeader describes a custom header to be used in HTTP probes 3658 "name": "A String", # The header field name 3659 "value": "A String", # The header field value 3660 }, 3661 ], 3662 "path": "A String", # Path to access on the HTTP server. +optional 3663 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3664 "intVal": 42, # The int value. 3665 "strVal": "A String", # The string value. 3666 "type": 42, # The type of the value. 3667 }, 3668 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3669 }, 3670 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3671 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3672 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3673 "intVal": 42, # The int value. 3674 "strVal": "A String", # The string value. 3675 "type": 42, # The type of the value. 3676 }, 3677 }, 3678 }, 3679 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3680 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3681 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3682 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3683 }, 3684 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 3685 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3686 "a_key": "A String", 3687 }, 3688 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 3689 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3690 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3691 }, 3692 }, 3693 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 3694 "a_key": "A String", 3695 }, 3696 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 3697 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 3698 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 3699 }, 3700 }, 3701 }, 3702 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 3703 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 3704 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 3705 "add": [ # Added capabilities +optional 3706 "A String", 3707 ], 3708 "drop": [ # Removed capabilities +optional 3709 "A String", 3710 ], 3711 }, 3712 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 3713 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 3714 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3715 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3716 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3717 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 3718 "level": "A String", # Level is SELinux level label that applies to the container. +optional 3719 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 3720 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 3721 "user": "A String", # User is a SELinux user label that applies to the container. +optional 3722 }, 3723 }, 3724 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 3725 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 3726 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 3727 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 3728 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 3729 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 3730 { # volumeDevice describes a mapping of a raw block device within a container. 3731 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 3732 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 3733 }, 3734 ], 3735 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 3736 { # VolumeMount describes a mounting of a Volume within a container. 3737 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 3738 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 3739 "name": "A String", # This must match the Name of a Volume. 3740 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 3741 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 3742 }, 3743 ], 3744 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 3745 }, 3746 ], 3747 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 3748 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 3749 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 3750 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 3751 "volumes": [ 3752 { # Volume represents a named volume in a container. 3753 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 3754 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3755 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3756 { # Maps a string key to a path within a volume. 3757 "key": "A String", # The key to project. 3758 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3759 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3760 }, 3761 ], 3762 "name": "A String", # Name of the config. 3763 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3764 }, 3765 "name": "A String", # Volume's name. 3766 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 3767 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 3768 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 3769 { # Maps a string key to a path within a volume. 3770 "key": "A String", # The key to project. 3771 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 3772 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 3773 }, 3774 ], 3775 "optional": True or False, # Specify whether the Secret or its keys must be defined. 3776 "secretName": "A String", # Name of the secret in the container's namespace to use. 3777 }, 3778 }, 3779 ], 3780 }, 3781 }, 3782 }, 3783 }, 3784 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 3785 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 3786 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 3787 "a_key": "A String", 3788 }, 3789 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 3790 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3791 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 3792 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 3793 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 3794 "A String", 3795 ], 3796 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 3797 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 3798 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 3799 "a_key": "A String", 3800 }, 3801 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 3802 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 3803 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 3804 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 3805 "apiVersion": "A String", # API version of the referent. 3806 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 3807 "controller": True or False, # If true, this reference points to the managing controller. +optional 3808 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 3809 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 3810 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 3811 }, 3812 ], 3813 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 3814 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 3815 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 3816 }, 3817 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 3818 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 3819 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 3820 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3821 "A String", 3822 ], 3823 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 3824 "A String", 3825 ], 3826 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 3827 { # EnvVar represents an environment variable present in a Container. 3828 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 3829 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 3830 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 3831 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 3832 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 3833 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3834 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3835 }, 3836 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 3837 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 3838 }, 3839 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 3840 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 3841 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3842 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3843 }, 3844 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 3845 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 3846 }, 3847 }, 3848 }, 3849 ], 3850 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 3851 { # EnvFromSource represents the source of a set of ConfigMaps 3852 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 3853 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3854 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3855 }, 3856 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 3857 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 3858 }, 3859 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 3860 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 3861 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 3862 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 3863 }, 3864 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 3865 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 3866 }, 3867 }, 3868 ], 3869 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 3870 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 3871 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 3872 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3873 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3874 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3875 "A String", 3876 ], 3877 }, 3878 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3879 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3880 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3881 { # HTTPHeader describes a custom header to be used in HTTP probes 3882 "name": "A String", # The header field name 3883 "value": "A String", # The header field value 3884 }, 3885 ], 3886 "path": "A String", # Path to access on the HTTP server. +optional 3887 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3888 "intVal": 42, # The int value. 3889 "strVal": "A String", # The string value. 3890 "type": 42, # The type of the value. 3891 }, 3892 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3893 }, 3894 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3895 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3896 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3897 "intVal": 42, # The int value. 3898 "strVal": "A String", # The string value. 3899 "type": 42, # The type of the value. 3900 }, 3901 }, 3902 }, 3903 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 3904 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3905 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3906 "A String", 3907 ], 3908 }, 3909 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3910 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3911 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3912 { # HTTPHeader describes a custom header to be used in HTTP probes 3913 "name": "A String", # The header field name 3914 "value": "A String", # The header field value 3915 }, 3916 ], 3917 "path": "A String", # Path to access on the HTTP server. +optional 3918 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3919 "intVal": 42, # The int value. 3920 "strVal": "A String", # The string value. 3921 "type": 42, # The type of the value. 3922 }, 3923 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3924 }, 3925 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3926 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3927 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3928 "intVal": 42, # The int value. 3929 "strVal": "A String", # The string value. 3930 "type": 42, # The type of the value. 3931 }, 3932 }, 3933 }, 3934 }, 3935 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3936 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3937 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3938 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3939 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3940 "A String", 3941 ], 3942 }, 3943 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3944 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3945 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3946 { # HTTPHeader describes a custom header to be used in HTTP probes 3947 "name": "A String", # The header field name 3948 "value": "A String", # The header field value 3949 }, 3950 ], 3951 "path": "A String", # Path to access on the HTTP server. +optional 3952 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3953 "intVal": 42, # The int value. 3954 "strVal": "A String", # The string value. 3955 "type": 42, # The type of the value. 3956 }, 3957 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 3958 }, 3959 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 3960 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 3961 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 3962 "intVal": 42, # The int value. 3963 "strVal": "A String", # The string value. 3964 "type": 42, # The type of the value. 3965 }, 3966 }, 3967 }, 3968 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3969 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 3970 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 3971 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3972 }, 3973 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 3974 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 3975 { # ContainerPort represents a network port in a single container. 3976 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 3977 "hostIP": "A String", # What host IP to bind the external port to. +optional 3978 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 3979 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 3980 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 3981 }, 3982 ], 3983 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 3984 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 3985 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 3986 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 3987 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 3988 "A String", 3989 ], 3990 }, 3991 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 3992 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 3993 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 3994 { # HTTPHeader describes a custom header to be used in HTTP probes 3995 "name": "A String", # The header field name 3996 "value": "A String", # The header field value 3997 }, 3998 ], 3999 "path": "A String", # Path to access on the HTTP server. +optional 4000 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4001 "intVal": 42, # The int value. 4002 "strVal": "A String", # The string value. 4003 "type": 42, # The type of the value. 4004 }, 4005 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4006 }, 4007 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4008 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4009 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4010 "intVal": 42, # The int value. 4011 "strVal": "A String", # The string value. 4012 "type": 42, # The type of the value. 4013 }, 4014 }, 4015 }, 4016 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4017 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4018 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4019 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4020 }, 4021 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4022 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4023 "a_key": "A String", 4024 }, 4025 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4026 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4027 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4028 }, 4029 }, 4030 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4031 "a_key": "A String", 4032 }, 4033 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4034 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4035 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4036 }, 4037 }, 4038 }, 4039 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4040 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4041 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4042 "add": [ # Added capabilities +optional 4043 "A String", 4044 ], 4045 "drop": [ # Removed capabilities +optional 4046 "A String", 4047 ], 4048 }, 4049 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 4050 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 4051 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4052 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4053 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4054 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4055 "level": "A String", # Level is SELinux level label that applies to the container. +optional 4056 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 4057 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 4058 "user": "A String", # User is a SELinux user label that applies to the container. +optional 4059 }, 4060 }, 4061 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 4062 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 4063 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 4064 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 4065 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 4066 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 4067 { # volumeDevice describes a mapping of a raw block device within a container. 4068 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 4069 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 4070 }, 4071 ], 4072 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 4073 { # VolumeMount describes a mounting of a Volume within a container. 4074 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 4075 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 4076 "name": "A String", # This must match the Name of a Volume. 4077 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 4078 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 4079 }, 4080 ], 4081 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 4082 }, 4083 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 4084 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 4085 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 4086 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4087 "A String", 4088 ], 4089 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4090 "A String", 4091 ], 4092 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 4093 { # EnvVar represents an environment variable present in a Container. 4094 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 4095 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 4096 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 4097 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 4098 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 4099 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4100 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4101 }, 4102 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 4103 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 4104 }, 4105 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 4106 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 4107 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4108 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4109 }, 4110 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 4111 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 4112 }, 4113 }, 4114 }, 4115 ], 4116 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 4117 { # EnvFromSource represents the source of a set of ConfigMaps 4118 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 4119 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4120 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4121 }, 4122 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 4123 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 4124 }, 4125 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 4126 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 4127 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4128 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4129 }, 4130 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 4131 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 4132 }, 4133 }, 4134 ], 4135 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4136 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 4137 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 4138 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4139 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4140 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4141 "A String", 4142 ], 4143 }, 4144 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4145 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4146 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4147 { # HTTPHeader describes a custom header to be used in HTTP probes 4148 "name": "A String", # The header field name 4149 "value": "A String", # The header field value 4150 }, 4151 ], 4152 "path": "A String", # Path to access on the HTTP server. +optional 4153 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4154 "intVal": 42, # The int value. 4155 "strVal": "A String", # The string value. 4156 "type": 42, # The type of the value. 4157 }, 4158 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4159 }, 4160 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4161 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4162 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4163 "intVal": 42, # The int value. 4164 "strVal": "A String", # The string value. 4165 "type": 42, # The type of the value. 4166 }, 4167 }, 4168 }, 4169 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4170 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4171 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4172 "A String", 4173 ], 4174 }, 4175 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4176 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4177 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4178 { # HTTPHeader describes a custom header to be used in HTTP probes 4179 "name": "A String", # The header field name 4180 "value": "A String", # The header field value 4181 }, 4182 ], 4183 "path": "A String", # Path to access on the HTTP server. +optional 4184 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4185 "intVal": 42, # The int value. 4186 "strVal": "A String", # The string value. 4187 "type": 42, # The type of the value. 4188 }, 4189 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4190 }, 4191 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4192 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4193 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4194 "intVal": 42, # The int value. 4195 "strVal": "A String", # The string value. 4196 "type": 42, # The type of the value. 4197 }, 4198 }, 4199 }, 4200 }, 4201 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4202 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4203 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4204 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4205 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4206 "A String", 4207 ], 4208 }, 4209 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4210 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4211 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4212 { # HTTPHeader describes a custom header to be used in HTTP probes 4213 "name": "A String", # The header field name 4214 "value": "A String", # The header field value 4215 }, 4216 ], 4217 "path": "A String", # Path to access on the HTTP server. +optional 4218 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4219 "intVal": 42, # The int value. 4220 "strVal": "A String", # The string value. 4221 "type": 42, # The type of the value. 4222 }, 4223 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4224 }, 4225 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4226 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4227 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4228 "intVal": 42, # The int value. 4229 "strVal": "A String", # The string value. 4230 "type": 42, # The type of the value. 4231 }, 4232 }, 4233 }, 4234 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4235 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4236 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4237 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4238 }, 4239 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 4240 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 4241 { # ContainerPort represents a network port in a single container. 4242 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 4243 "hostIP": "A String", # What host IP to bind the external port to. +optional 4244 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 4245 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 4246 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 4247 }, 4248 ], 4249 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4250 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4251 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4252 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4253 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4254 "A String", 4255 ], 4256 }, 4257 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4258 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4259 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4260 { # HTTPHeader describes a custom header to be used in HTTP probes 4261 "name": "A String", # The header field name 4262 "value": "A String", # The header field value 4263 }, 4264 ], 4265 "path": "A String", # Path to access on the HTTP server. +optional 4266 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4267 "intVal": 42, # The int value. 4268 "strVal": "A String", # The string value. 4269 "type": 42, # The type of the value. 4270 }, 4271 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4272 }, 4273 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4274 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4275 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4276 "intVal": 42, # The int value. 4277 "strVal": "A String", # The string value. 4278 "type": 42, # The type of the value. 4279 }, 4280 }, 4281 }, 4282 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4283 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4284 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4285 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4286 }, 4287 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4288 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4289 "a_key": "A String", 4290 }, 4291 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4292 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4293 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4294 }, 4295 }, 4296 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4297 "a_key": "A String", 4298 }, 4299 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4300 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4301 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4302 }, 4303 }, 4304 }, 4305 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4306 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4307 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4308 "add": [ # Added capabilities +optional 4309 "A String", 4310 ], 4311 "drop": [ # Removed capabilities +optional 4312 "A String", 4313 ], 4314 }, 4315 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 4316 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 4317 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4318 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4319 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4320 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4321 "level": "A String", # Level is SELinux level label that applies to the container. +optional 4322 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 4323 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 4324 "user": "A String", # User is a SELinux user label that applies to the container. +optional 4325 }, 4326 }, 4327 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 4328 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 4329 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 4330 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 4331 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 4332 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 4333 { # volumeDevice describes a mapping of a raw block device within a container. 4334 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 4335 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 4336 }, 4337 ], 4338 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 4339 { # VolumeMount describes a mounting of a Volume within a container. 4340 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 4341 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 4342 "name": "A String", # This must match the Name of a Volume. 4343 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 4344 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 4345 }, 4346 ], 4347 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 4348 }, 4349 ], 4350 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 4351 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 4352 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 4353 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 4354 "volumes": [ 4355 { # Volume represents a named volume in a container. 4356 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 4357 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 4358 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 4359 { # Maps a string key to a path within a volume. 4360 "key": "A String", # The key to project. 4361 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 4362 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4363 }, 4364 ], 4365 "name": "A String", # Name of the config. 4366 "optional": True or False, # Specify whether the Secret or its keys must be defined. 4367 }, 4368 "name": "A String", # Volume's name. 4369 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 4370 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 4371 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 4372 { # Maps a string key to a path within a volume. 4373 "key": "A String", # The key to project. 4374 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 4375 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 4376 }, 4377 ], 4378 "optional": True or False, # Specify whether the Secret or its keys must be defined. 4379 "secretName": "A String", # Name of the secret in the container's namespace to use. 4380 }, 4381 }, 4382 ], 4383 }, 4384 }, 4385 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 4386 { # TrafficTarget holds a single entry of the routing table for a Route. 4387 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 4388 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 4389 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 4390 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 4391 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 4392 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 4393 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 4394 }, 4395 ], 4396 }, 4397 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 4398 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 4399 "hostname": "A String", # Deprecated - use url instead. 4400 "url": "A String", 4401 }, 4402 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 4403 { # ServiceCondition defines a readiness condition for a Service. 4404 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 4405 "message": "A String", # Human-readable message indicating details about last transition. +optional 4406 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 4407 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 4408 "status": "A String", # Status of the condition, one of True, False, Unknown. 4409 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 4410 }, 4411 ], 4412 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 4413 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 4414 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 4415 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 4416 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 4417 { # TrafficTarget holds a single entry of the routing table for a Route. 4418 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 4419 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 4420 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 4421 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 4422 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 4423 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 4424 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 4425 }, 4426 ], 4427 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 4428 }, 4429} 4430 4431 x__xgafv: string, V1 error format. 4432 Allowed values 4433 1 - v1 error format 4434 2 - v2 error format 4435 4436Returns: 4437 An object of the form: 4438 4439 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 4440 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 4441 "kind": "A String", # The kind of resource, in this case "Service". 4442 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 4443 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 4444 "a_key": "A String", 4445 }, 4446 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 4447 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4448 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 4449 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4450 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 4451 "A String", 4452 ], 4453 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 4454 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 4455 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 4456 "a_key": "A String", 4457 }, 4458 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 4459 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 4460 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 4461 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 4462 "apiVersion": "A String", # API version of the referent. 4463 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 4464 "controller": True or False, # If true, this reference points to the managing controller. +optional 4465 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4466 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 4467 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 4468 }, 4469 ], 4470 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 4471 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 4472 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 4473 }, 4474 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 4475 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 4476 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 4477 }, 4478 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 4479 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 4480 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 4481 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 4482 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 4483 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 4484 "a_key": "A String", 4485 }, 4486 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 4487 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4488 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 4489 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 4490 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 4491 "A String", 4492 ], 4493 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 4494 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 4495 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 4496 "a_key": "A String", 4497 }, 4498 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 4499 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 4500 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 4501 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 4502 "apiVersion": "A String", # API version of the referent. 4503 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 4504 "controller": True or False, # If true, this reference points to the managing controller. +optional 4505 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 4506 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 4507 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 4508 }, 4509 ], 4510 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 4511 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 4512 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 4513 }, 4514 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 4515 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 4516 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 4517 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4518 "A String", 4519 ], 4520 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4521 "A String", 4522 ], 4523 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 4524 { # EnvVar represents an environment variable present in a Container. 4525 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 4526 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 4527 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 4528 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 4529 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 4530 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4531 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4532 }, 4533 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 4534 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 4535 }, 4536 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 4537 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 4538 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4539 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4540 }, 4541 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 4542 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 4543 }, 4544 }, 4545 }, 4546 ], 4547 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 4548 { # EnvFromSource represents the source of a set of ConfigMaps 4549 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 4550 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4551 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4552 }, 4553 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 4554 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 4555 }, 4556 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 4557 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 4558 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4559 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4560 }, 4561 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 4562 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 4563 }, 4564 }, 4565 ], 4566 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4567 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 4568 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 4569 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4570 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4571 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4572 "A String", 4573 ], 4574 }, 4575 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4576 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4577 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4578 { # HTTPHeader describes a custom header to be used in HTTP probes 4579 "name": "A String", # The header field name 4580 "value": "A String", # The header field value 4581 }, 4582 ], 4583 "path": "A String", # Path to access on the HTTP server. +optional 4584 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4585 "intVal": 42, # The int value. 4586 "strVal": "A String", # The string value. 4587 "type": 42, # The type of the value. 4588 }, 4589 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4590 }, 4591 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4592 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4593 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4594 "intVal": 42, # The int value. 4595 "strVal": "A String", # The string value. 4596 "type": 42, # The type of the value. 4597 }, 4598 }, 4599 }, 4600 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4601 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4602 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4603 "A String", 4604 ], 4605 }, 4606 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4607 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4608 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4609 { # HTTPHeader describes a custom header to be used in HTTP probes 4610 "name": "A String", # The header field name 4611 "value": "A String", # The header field value 4612 }, 4613 ], 4614 "path": "A String", # Path to access on the HTTP server. +optional 4615 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4616 "intVal": 42, # The int value. 4617 "strVal": "A String", # The string value. 4618 "type": 42, # The type of the value. 4619 }, 4620 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4621 }, 4622 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4623 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4624 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4625 "intVal": 42, # The int value. 4626 "strVal": "A String", # The string value. 4627 "type": 42, # The type of the value. 4628 }, 4629 }, 4630 }, 4631 }, 4632 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4633 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4634 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4635 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4636 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4637 "A String", 4638 ], 4639 }, 4640 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4641 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4642 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4643 { # HTTPHeader describes a custom header to be used in HTTP probes 4644 "name": "A String", # The header field name 4645 "value": "A String", # The header field value 4646 }, 4647 ], 4648 "path": "A String", # Path to access on the HTTP server. +optional 4649 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4650 "intVal": 42, # The int value. 4651 "strVal": "A String", # The string value. 4652 "type": 42, # The type of the value. 4653 }, 4654 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4655 }, 4656 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4657 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4658 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4659 "intVal": 42, # The int value. 4660 "strVal": "A String", # The string value. 4661 "type": 42, # The type of the value. 4662 }, 4663 }, 4664 }, 4665 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4666 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4667 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4668 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4669 }, 4670 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 4671 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 4672 { # ContainerPort represents a network port in a single container. 4673 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 4674 "hostIP": "A String", # What host IP to bind the external port to. +optional 4675 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 4676 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 4677 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 4678 }, 4679 ], 4680 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4681 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4682 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4683 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4684 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4685 "A String", 4686 ], 4687 }, 4688 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4689 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4690 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4691 { # HTTPHeader describes a custom header to be used in HTTP probes 4692 "name": "A String", # The header field name 4693 "value": "A String", # The header field value 4694 }, 4695 ], 4696 "path": "A String", # Path to access on the HTTP server. +optional 4697 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4698 "intVal": 42, # The int value. 4699 "strVal": "A String", # The string value. 4700 "type": 42, # The type of the value. 4701 }, 4702 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4703 }, 4704 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4705 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4706 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4707 "intVal": 42, # The int value. 4708 "strVal": "A String", # The string value. 4709 "type": 42, # The type of the value. 4710 }, 4711 }, 4712 }, 4713 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4714 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4715 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4716 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4717 }, 4718 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4719 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4720 "a_key": "A String", 4721 }, 4722 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4723 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4724 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4725 }, 4726 }, 4727 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4728 "a_key": "A String", 4729 }, 4730 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4731 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4732 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4733 }, 4734 }, 4735 }, 4736 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 4737 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 4738 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 4739 "add": [ # Added capabilities +optional 4740 "A String", 4741 ], 4742 "drop": [ # Removed capabilities +optional 4743 "A String", 4744 ], 4745 }, 4746 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 4747 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 4748 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4749 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4750 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4751 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 4752 "level": "A String", # Level is SELinux level label that applies to the container. +optional 4753 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 4754 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 4755 "user": "A String", # User is a SELinux user label that applies to the container. +optional 4756 }, 4757 }, 4758 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 4759 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 4760 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 4761 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 4762 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 4763 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 4764 { # volumeDevice describes a mapping of a raw block device within a container. 4765 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 4766 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 4767 }, 4768 ], 4769 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 4770 { # VolumeMount describes a mounting of a Volume within a container. 4771 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 4772 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 4773 "name": "A String", # This must match the Name of a Volume. 4774 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 4775 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 4776 }, 4777 ], 4778 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 4779 }, 4780 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 4781 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 4782 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 4783 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4784 "A String", 4785 ], 4786 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 4787 "A String", 4788 ], 4789 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 4790 { # EnvVar represents an environment variable present in a Container. 4791 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 4792 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 4793 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 4794 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 4795 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 4796 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4797 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4798 }, 4799 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 4800 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 4801 }, 4802 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 4803 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 4804 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4805 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4806 }, 4807 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 4808 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 4809 }, 4810 }, 4811 }, 4812 ], 4813 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 4814 { # EnvFromSource represents the source of a set of ConfigMaps 4815 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 4816 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4817 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4818 }, 4819 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 4820 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 4821 }, 4822 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 4823 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 4824 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 4825 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 4826 }, 4827 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 4828 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 4829 }, 4830 }, 4831 ], 4832 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 4833 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 4834 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 4835 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4836 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4837 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4838 "A String", 4839 ], 4840 }, 4841 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4842 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4843 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4844 { # HTTPHeader describes a custom header to be used in HTTP probes 4845 "name": "A String", # The header field name 4846 "value": "A String", # The header field value 4847 }, 4848 ], 4849 "path": "A String", # Path to access on the HTTP server. +optional 4850 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4851 "intVal": 42, # The int value. 4852 "strVal": "A String", # The string value. 4853 "type": 42, # The type of the value. 4854 }, 4855 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4856 }, 4857 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4858 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4859 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4860 "intVal": 42, # The int value. 4861 "strVal": "A String", # The string value. 4862 "type": 42, # The type of the value. 4863 }, 4864 }, 4865 }, 4866 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 4867 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4868 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4869 "A String", 4870 ], 4871 }, 4872 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4873 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4874 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4875 { # HTTPHeader describes a custom header to be used in HTTP probes 4876 "name": "A String", # The header field name 4877 "value": "A String", # The header field value 4878 }, 4879 ], 4880 "path": "A String", # Path to access on the HTTP server. +optional 4881 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4882 "intVal": 42, # The int value. 4883 "strVal": "A String", # The string value. 4884 "type": 42, # The type of the value. 4885 }, 4886 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4887 }, 4888 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4889 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4890 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4891 "intVal": 42, # The int value. 4892 "strVal": "A String", # The string value. 4893 "type": 42, # The type of the value. 4894 }, 4895 }, 4896 }, 4897 }, 4898 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4899 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4900 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4901 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4902 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4903 "A String", 4904 ], 4905 }, 4906 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4907 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4908 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4909 { # HTTPHeader describes a custom header to be used in HTTP probes 4910 "name": "A String", # The header field name 4911 "value": "A String", # The header field value 4912 }, 4913 ], 4914 "path": "A String", # Path to access on the HTTP server. +optional 4915 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4916 "intVal": 42, # The int value. 4917 "strVal": "A String", # The string value. 4918 "type": 42, # The type of the value. 4919 }, 4920 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4921 }, 4922 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4923 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4924 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4925 "intVal": 42, # The int value. 4926 "strVal": "A String", # The string value. 4927 "type": 42, # The type of the value. 4928 }, 4929 }, 4930 }, 4931 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4932 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4933 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4934 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4935 }, 4936 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 4937 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 4938 { # ContainerPort represents a network port in a single container. 4939 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 4940 "hostIP": "A String", # What host IP to bind the external port to. +optional 4941 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 4942 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 4943 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 4944 }, 4945 ], 4946 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4947 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 4948 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 4949 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 4950 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 4951 "A String", 4952 ], 4953 }, 4954 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 4955 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 4956 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 4957 { # HTTPHeader describes a custom header to be used in HTTP probes 4958 "name": "A String", # The header field name 4959 "value": "A String", # The header field value 4960 }, 4961 ], 4962 "path": "A String", # Path to access on the HTTP server. +optional 4963 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4964 "intVal": 42, # The int value. 4965 "strVal": "A String", # The string value. 4966 "type": 42, # The type of the value. 4967 }, 4968 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 4969 }, 4970 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 4971 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 4972 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 4973 "intVal": 42, # The int value. 4974 "strVal": "A String", # The string value. 4975 "type": 42, # The type of the value. 4976 }, 4977 }, 4978 }, 4979 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4980 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 4981 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 4982 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 4983 }, 4984 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 4985 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4986 "a_key": "A String", 4987 }, 4988 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 4989 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4990 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4991 }, 4992 }, 4993 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 4994 "a_key": "A String", 4995 }, 4996 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 4997 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 4998 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 4999 }, 5000 }, 5001 }, 5002 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5003 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5004 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5005 "add": [ # Added capabilities +optional 5006 "A String", 5007 ], 5008 "drop": [ # Removed capabilities +optional 5009 "A String", 5010 ], 5011 }, 5012 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5013 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5014 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5015 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5016 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5017 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5018 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5019 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5020 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5021 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5022 }, 5023 }, 5024 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5025 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5026 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5027 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5028 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5029 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5030 { # volumeDevice describes a mapping of a raw block device within a container. 5031 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5032 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5033 }, 5034 ], 5035 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5036 { # VolumeMount describes a mounting of a Volume within a container. 5037 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5038 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5039 "name": "A String", # This must match the Name of a Volume. 5040 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5041 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5042 }, 5043 ], 5044 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5045 }, 5046 ], 5047 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 5048 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 5049 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 5050 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 5051 "volumes": [ 5052 { # Volume represents a named volume in a container. 5053 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 5054 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5055 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5056 { # Maps a string key to a path within a volume. 5057 "key": "A String", # The key to project. 5058 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5059 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5060 }, 5061 ], 5062 "name": "A String", # Name of the config. 5063 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5064 }, 5065 "name": "A String", # Volume's name. 5066 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 5067 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5068 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5069 { # Maps a string key to a path within a volume. 5070 "key": "A String", # The key to project. 5071 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5072 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5073 }, 5074 ], 5075 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5076 "secretName": "A String", # Name of the secret in the container's namespace to use. 5077 }, 5078 }, 5079 ], 5080 }, 5081 }, 5082 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 5083 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 5084 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 5085 "a_key": "A String", 5086 }, 5087 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 5088 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5089 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 5090 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5091 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 5092 "A String", 5093 ], 5094 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 5095 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 5096 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 5097 "a_key": "A String", 5098 }, 5099 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 5100 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 5101 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 5102 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 5103 "apiVersion": "A String", # API version of the referent. 5104 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 5105 "controller": True or False, # If true, this reference points to the managing controller. +optional 5106 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5107 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 5108 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 5109 }, 5110 ], 5111 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 5112 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 5113 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 5114 }, 5115 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 5116 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 5117 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 5118 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5119 "A String", 5120 ], 5121 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5122 "A String", 5123 ], 5124 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5125 { # EnvVar represents an environment variable present in a Container. 5126 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5127 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5128 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5129 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5130 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5131 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5132 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5133 }, 5134 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5135 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 5136 }, 5137 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 5138 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 5139 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5140 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5141 }, 5142 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 5143 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 5144 }, 5145 }, 5146 }, 5147 ], 5148 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 5149 { # EnvFromSource represents the source of a set of ConfigMaps 5150 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 5151 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5152 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5153 }, 5154 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 5155 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 5156 }, 5157 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 5158 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 5159 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5160 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5161 }, 5162 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 5163 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 5164 }, 5165 }, 5166 ], 5167 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5168 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 5169 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 5170 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5171 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5172 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5173 "A String", 5174 ], 5175 }, 5176 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5177 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5178 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5179 { # HTTPHeader describes a custom header to be used in HTTP probes 5180 "name": "A String", # The header field name 5181 "value": "A String", # The header field value 5182 }, 5183 ], 5184 "path": "A String", # Path to access on the HTTP server. +optional 5185 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5186 "intVal": 42, # The int value. 5187 "strVal": "A String", # The string value. 5188 "type": 42, # The type of the value. 5189 }, 5190 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5191 }, 5192 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5193 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5194 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5195 "intVal": 42, # The int value. 5196 "strVal": "A String", # The string value. 5197 "type": 42, # The type of the value. 5198 }, 5199 }, 5200 }, 5201 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5202 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5203 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5204 "A String", 5205 ], 5206 }, 5207 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5208 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5209 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5210 { # HTTPHeader describes a custom header to be used in HTTP probes 5211 "name": "A String", # The header field name 5212 "value": "A String", # The header field value 5213 }, 5214 ], 5215 "path": "A String", # Path to access on the HTTP server. +optional 5216 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5217 "intVal": 42, # The int value. 5218 "strVal": "A String", # The string value. 5219 "type": 42, # The type of the value. 5220 }, 5221 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5222 }, 5223 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5224 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5225 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5226 "intVal": 42, # The int value. 5227 "strVal": "A String", # The string value. 5228 "type": 42, # The type of the value. 5229 }, 5230 }, 5231 }, 5232 }, 5233 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5234 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5235 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5236 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5237 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5238 "A String", 5239 ], 5240 }, 5241 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5242 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5243 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5244 { # HTTPHeader describes a custom header to be used in HTTP probes 5245 "name": "A String", # The header field name 5246 "value": "A String", # The header field value 5247 }, 5248 ], 5249 "path": "A String", # Path to access on the HTTP server. +optional 5250 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5251 "intVal": 42, # The int value. 5252 "strVal": "A String", # The string value. 5253 "type": 42, # The type of the value. 5254 }, 5255 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5256 }, 5257 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5258 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5259 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5260 "intVal": 42, # The int value. 5261 "strVal": "A String", # The string value. 5262 "type": 42, # The type of the value. 5263 }, 5264 }, 5265 }, 5266 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5267 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5268 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5269 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5270 }, 5271 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 5272 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 5273 { # ContainerPort represents a network port in a single container. 5274 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 5275 "hostIP": "A String", # What host IP to bind the external port to. +optional 5276 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 5277 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 5278 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 5279 }, 5280 ], 5281 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5282 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5283 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5284 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5285 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5286 "A String", 5287 ], 5288 }, 5289 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5290 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5291 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5292 { # HTTPHeader describes a custom header to be used in HTTP probes 5293 "name": "A String", # The header field name 5294 "value": "A String", # The header field value 5295 }, 5296 ], 5297 "path": "A String", # Path to access on the HTTP server. +optional 5298 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5299 "intVal": 42, # The int value. 5300 "strVal": "A String", # The string value. 5301 "type": 42, # The type of the value. 5302 }, 5303 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5304 }, 5305 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5306 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5307 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5308 "intVal": 42, # The int value. 5309 "strVal": "A String", # The string value. 5310 "type": 42, # The type of the value. 5311 }, 5312 }, 5313 }, 5314 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5315 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5316 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5317 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5318 }, 5319 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 5320 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5321 "a_key": "A String", 5322 }, 5323 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 5324 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5325 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5326 }, 5327 }, 5328 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5329 "a_key": "A String", 5330 }, 5331 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 5332 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5333 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5334 }, 5335 }, 5336 }, 5337 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5338 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5339 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5340 "add": [ # Added capabilities +optional 5341 "A String", 5342 ], 5343 "drop": [ # Removed capabilities +optional 5344 "A String", 5345 ], 5346 }, 5347 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5348 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5349 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5350 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5351 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5352 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5353 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5354 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5355 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5356 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5357 }, 5358 }, 5359 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5360 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5361 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5362 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5363 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5364 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5365 { # volumeDevice describes a mapping of a raw block device within a container. 5366 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5367 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5368 }, 5369 ], 5370 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5371 { # VolumeMount describes a mounting of a Volume within a container. 5372 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5373 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5374 "name": "A String", # This must match the Name of a Volume. 5375 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5376 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5377 }, 5378 ], 5379 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5380 }, 5381 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 5382 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 5383 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 5384 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5385 "A String", 5386 ], 5387 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5388 "A String", 5389 ], 5390 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5391 { # EnvVar represents an environment variable present in a Container. 5392 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5393 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5394 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5395 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5396 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5397 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5398 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5399 }, 5400 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5401 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 5402 }, 5403 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 5404 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 5405 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5406 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5407 }, 5408 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 5409 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 5410 }, 5411 }, 5412 }, 5413 ], 5414 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 5415 { # EnvFromSource represents the source of a set of ConfigMaps 5416 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 5417 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5418 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5419 }, 5420 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 5421 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 5422 }, 5423 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 5424 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 5425 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5426 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5427 }, 5428 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 5429 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 5430 }, 5431 }, 5432 ], 5433 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5434 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 5435 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 5436 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5437 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5438 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5439 "A String", 5440 ], 5441 }, 5442 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5443 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5444 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5445 { # HTTPHeader describes a custom header to be used in HTTP probes 5446 "name": "A String", # The header field name 5447 "value": "A String", # The header field value 5448 }, 5449 ], 5450 "path": "A String", # Path to access on the HTTP server. +optional 5451 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5452 "intVal": 42, # The int value. 5453 "strVal": "A String", # The string value. 5454 "type": 42, # The type of the value. 5455 }, 5456 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5457 }, 5458 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5459 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5460 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5461 "intVal": 42, # The int value. 5462 "strVal": "A String", # The string value. 5463 "type": 42, # The type of the value. 5464 }, 5465 }, 5466 }, 5467 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5468 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5469 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5470 "A String", 5471 ], 5472 }, 5473 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5474 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5475 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5476 { # HTTPHeader describes a custom header to be used in HTTP probes 5477 "name": "A String", # The header field name 5478 "value": "A String", # The header field value 5479 }, 5480 ], 5481 "path": "A String", # Path to access on the HTTP server. +optional 5482 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5483 "intVal": 42, # The int value. 5484 "strVal": "A String", # The string value. 5485 "type": 42, # The type of the value. 5486 }, 5487 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5488 }, 5489 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5490 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5491 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5492 "intVal": 42, # The int value. 5493 "strVal": "A String", # The string value. 5494 "type": 42, # The type of the value. 5495 }, 5496 }, 5497 }, 5498 }, 5499 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5500 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5501 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5502 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5503 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5504 "A String", 5505 ], 5506 }, 5507 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5508 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5509 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5510 { # HTTPHeader describes a custom header to be used in HTTP probes 5511 "name": "A String", # The header field name 5512 "value": "A String", # The header field value 5513 }, 5514 ], 5515 "path": "A String", # Path to access on the HTTP server. +optional 5516 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5517 "intVal": 42, # The int value. 5518 "strVal": "A String", # The string value. 5519 "type": 42, # The type of the value. 5520 }, 5521 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5522 }, 5523 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5524 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5525 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5526 "intVal": 42, # The int value. 5527 "strVal": "A String", # The string value. 5528 "type": 42, # The type of the value. 5529 }, 5530 }, 5531 }, 5532 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5533 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5534 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5535 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5536 }, 5537 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 5538 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 5539 { # ContainerPort represents a network port in a single container. 5540 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 5541 "hostIP": "A String", # What host IP to bind the external port to. +optional 5542 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 5543 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 5544 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 5545 }, 5546 ], 5547 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5548 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5549 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5550 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5551 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5552 "A String", 5553 ], 5554 }, 5555 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5556 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5557 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5558 { # HTTPHeader describes a custom header to be used in HTTP probes 5559 "name": "A String", # The header field name 5560 "value": "A String", # The header field value 5561 }, 5562 ], 5563 "path": "A String", # Path to access on the HTTP server. +optional 5564 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5565 "intVal": 42, # The int value. 5566 "strVal": "A String", # The string value. 5567 "type": 42, # The type of the value. 5568 }, 5569 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5570 }, 5571 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5572 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5573 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5574 "intVal": 42, # The int value. 5575 "strVal": "A String", # The string value. 5576 "type": 42, # The type of the value. 5577 }, 5578 }, 5579 }, 5580 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5581 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5582 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5583 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5584 }, 5585 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 5586 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5587 "a_key": "A String", 5588 }, 5589 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 5590 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5591 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5592 }, 5593 }, 5594 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5595 "a_key": "A String", 5596 }, 5597 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 5598 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5599 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5600 }, 5601 }, 5602 }, 5603 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5604 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5605 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5606 "add": [ # Added capabilities +optional 5607 "A String", 5608 ], 5609 "drop": [ # Removed capabilities +optional 5610 "A String", 5611 ], 5612 }, 5613 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5614 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5615 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5616 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5617 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5618 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5619 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5620 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5621 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5622 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5623 }, 5624 }, 5625 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5626 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5627 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5628 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5629 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5630 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5631 { # volumeDevice describes a mapping of a raw block device within a container. 5632 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5633 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5634 }, 5635 ], 5636 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5637 { # VolumeMount describes a mounting of a Volume within a container. 5638 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5639 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5640 "name": "A String", # This must match the Name of a Volume. 5641 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5642 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5643 }, 5644 ], 5645 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5646 }, 5647 ], 5648 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 5649 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 5650 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 5651 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 5652 "volumes": [ 5653 { # Volume represents a named volume in a container. 5654 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 5655 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5656 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5657 { # Maps a string key to a path within a volume. 5658 "key": "A String", # The key to project. 5659 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5660 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5661 }, 5662 ], 5663 "name": "A String", # Name of the config. 5664 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5665 }, 5666 "name": "A String", # Volume's name. 5667 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 5668 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 5669 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 5670 { # Maps a string key to a path within a volume. 5671 "key": "A String", # The key to project. 5672 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 5673 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 5674 }, 5675 ], 5676 "optional": True or False, # Specify whether the Secret or its keys must be defined. 5677 "secretName": "A String", # Name of the secret in the container's namespace to use. 5678 }, 5679 }, 5680 ], 5681 }, 5682 }, 5683 }, 5684 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 5685 }, 5686 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 5687 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 5688 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 5689 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 5690 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 5691 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 5692 "a_key": "A String", 5693 }, 5694 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 5695 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5696 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 5697 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 5698 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 5699 "A String", 5700 ], 5701 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 5702 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 5703 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 5704 "a_key": "A String", 5705 }, 5706 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 5707 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 5708 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 5709 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 5710 "apiVersion": "A String", # API version of the referent. 5711 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 5712 "controller": True or False, # If true, this reference points to the managing controller. +optional 5713 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 5714 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 5715 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 5716 }, 5717 ], 5718 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 5719 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 5720 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 5721 }, 5722 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 5723 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 5724 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 5725 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5726 "A String", 5727 ], 5728 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5729 "A String", 5730 ], 5731 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5732 { # EnvVar represents an environment variable present in a Container. 5733 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 5734 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 5735 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 5736 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 5737 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 5738 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5739 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5740 }, 5741 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 5742 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 5743 }, 5744 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 5745 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 5746 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5747 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5748 }, 5749 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 5750 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 5751 }, 5752 }, 5753 }, 5754 ], 5755 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 5756 { # EnvFromSource represents the source of a set of ConfigMaps 5757 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 5758 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5759 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5760 }, 5761 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 5762 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 5763 }, 5764 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 5765 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 5766 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 5767 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 5768 }, 5769 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 5770 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 5771 }, 5772 }, 5773 ], 5774 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 5775 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 5776 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 5777 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5778 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5779 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5780 "A String", 5781 ], 5782 }, 5783 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5784 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5785 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5786 { # HTTPHeader describes a custom header to be used in HTTP probes 5787 "name": "A String", # The header field name 5788 "value": "A String", # The header field value 5789 }, 5790 ], 5791 "path": "A String", # Path to access on the HTTP server. +optional 5792 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5793 "intVal": 42, # The int value. 5794 "strVal": "A String", # The string value. 5795 "type": 42, # The type of the value. 5796 }, 5797 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5798 }, 5799 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5800 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5801 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5802 "intVal": 42, # The int value. 5803 "strVal": "A String", # The string value. 5804 "type": 42, # The type of the value. 5805 }, 5806 }, 5807 }, 5808 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 5809 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5810 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5811 "A String", 5812 ], 5813 }, 5814 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5815 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5816 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5817 { # HTTPHeader describes a custom header to be used in HTTP probes 5818 "name": "A String", # The header field name 5819 "value": "A String", # The header field value 5820 }, 5821 ], 5822 "path": "A String", # Path to access on the HTTP server. +optional 5823 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5824 "intVal": 42, # The int value. 5825 "strVal": "A String", # The string value. 5826 "type": 42, # The type of the value. 5827 }, 5828 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5829 }, 5830 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5831 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5832 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5833 "intVal": 42, # The int value. 5834 "strVal": "A String", # The string value. 5835 "type": 42, # The type of the value. 5836 }, 5837 }, 5838 }, 5839 }, 5840 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5841 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5842 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5843 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5844 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5845 "A String", 5846 ], 5847 }, 5848 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5849 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5850 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5851 { # HTTPHeader describes a custom header to be used in HTTP probes 5852 "name": "A String", # The header field name 5853 "value": "A String", # The header field value 5854 }, 5855 ], 5856 "path": "A String", # Path to access on the HTTP server. +optional 5857 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5858 "intVal": 42, # The int value. 5859 "strVal": "A String", # The string value. 5860 "type": 42, # The type of the value. 5861 }, 5862 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5863 }, 5864 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5865 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5866 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5867 "intVal": 42, # The int value. 5868 "strVal": "A String", # The string value. 5869 "type": 42, # The type of the value. 5870 }, 5871 }, 5872 }, 5873 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5874 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5875 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5876 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5877 }, 5878 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 5879 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 5880 { # ContainerPort represents a network port in a single container. 5881 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 5882 "hostIP": "A String", # What host IP to bind the external port to. +optional 5883 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 5884 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 5885 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 5886 }, 5887 ], 5888 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5889 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 5890 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 5891 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 5892 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 5893 "A String", 5894 ], 5895 }, 5896 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 5897 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 5898 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 5899 { # HTTPHeader describes a custom header to be used in HTTP probes 5900 "name": "A String", # The header field name 5901 "value": "A String", # The header field value 5902 }, 5903 ], 5904 "path": "A String", # Path to access on the HTTP server. +optional 5905 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5906 "intVal": 42, # The int value. 5907 "strVal": "A String", # The string value. 5908 "type": 42, # The type of the value. 5909 }, 5910 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 5911 }, 5912 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 5913 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 5914 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 5915 "intVal": 42, # The int value. 5916 "strVal": "A String", # The string value. 5917 "type": 42, # The type of the value. 5918 }, 5919 }, 5920 }, 5921 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5922 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 5923 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 5924 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 5925 }, 5926 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 5927 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5928 "a_key": "A String", 5929 }, 5930 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 5931 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5932 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5933 }, 5934 }, 5935 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 5936 "a_key": "A String", 5937 }, 5938 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 5939 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 5940 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 5941 }, 5942 }, 5943 }, 5944 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 5945 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 5946 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 5947 "add": [ # Added capabilities +optional 5948 "A String", 5949 ], 5950 "drop": [ # Removed capabilities +optional 5951 "A String", 5952 ], 5953 }, 5954 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 5955 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 5956 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5957 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5958 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5959 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 5960 "level": "A String", # Level is SELinux level label that applies to the container. +optional 5961 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 5962 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 5963 "user": "A String", # User is a SELinux user label that applies to the container. +optional 5964 }, 5965 }, 5966 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 5967 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 5968 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 5969 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 5970 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 5971 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 5972 { # volumeDevice describes a mapping of a raw block device within a container. 5973 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 5974 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 5975 }, 5976 ], 5977 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 5978 { # VolumeMount describes a mounting of a Volume within a container. 5979 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 5980 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 5981 "name": "A String", # This must match the Name of a Volume. 5982 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 5983 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 5984 }, 5985 ], 5986 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 5987 }, 5988 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 5989 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 5990 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 5991 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5992 "A String", 5993 ], 5994 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 5995 "A String", 5996 ], 5997 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 5998 { # EnvVar represents an environment variable present in a Container. 5999 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6000 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6001 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6002 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6003 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6004 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6005 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6006 }, 6007 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6008 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6009 }, 6010 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6011 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6012 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6013 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6014 }, 6015 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6016 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6017 }, 6018 }, 6019 }, 6020 ], 6021 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6022 { # EnvFromSource represents the source of a set of ConfigMaps 6023 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6024 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6025 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6026 }, 6027 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6028 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6029 }, 6030 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6031 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6032 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6033 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6034 }, 6035 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6036 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6037 }, 6038 }, 6039 ], 6040 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6041 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6042 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6043 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6044 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6045 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6046 "A String", 6047 ], 6048 }, 6049 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6050 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6051 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6052 { # HTTPHeader describes a custom header to be used in HTTP probes 6053 "name": "A String", # The header field name 6054 "value": "A String", # The header field value 6055 }, 6056 ], 6057 "path": "A String", # Path to access on the HTTP server. +optional 6058 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6059 "intVal": 42, # The int value. 6060 "strVal": "A String", # The string value. 6061 "type": 42, # The type of the value. 6062 }, 6063 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6064 }, 6065 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6066 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6067 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6068 "intVal": 42, # The int value. 6069 "strVal": "A String", # The string value. 6070 "type": 42, # The type of the value. 6071 }, 6072 }, 6073 }, 6074 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6075 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6076 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6077 "A String", 6078 ], 6079 }, 6080 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6081 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6082 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6083 { # HTTPHeader describes a custom header to be used in HTTP probes 6084 "name": "A String", # The header field name 6085 "value": "A String", # The header field value 6086 }, 6087 ], 6088 "path": "A String", # Path to access on the HTTP server. +optional 6089 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6090 "intVal": 42, # The int value. 6091 "strVal": "A String", # The string value. 6092 "type": 42, # The type of the value. 6093 }, 6094 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6095 }, 6096 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6097 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6098 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6099 "intVal": 42, # The int value. 6100 "strVal": "A String", # The string value. 6101 "type": 42, # The type of the value. 6102 }, 6103 }, 6104 }, 6105 }, 6106 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6107 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6108 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6109 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6110 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6111 "A String", 6112 ], 6113 }, 6114 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6115 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6116 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6117 { # HTTPHeader describes a custom header to be used in HTTP probes 6118 "name": "A String", # The header field name 6119 "value": "A String", # The header field value 6120 }, 6121 ], 6122 "path": "A String", # Path to access on the HTTP server. +optional 6123 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6124 "intVal": 42, # The int value. 6125 "strVal": "A String", # The string value. 6126 "type": 42, # The type of the value. 6127 }, 6128 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6129 }, 6130 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6131 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6132 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6133 "intVal": 42, # The int value. 6134 "strVal": "A String", # The string value. 6135 "type": 42, # The type of the value. 6136 }, 6137 }, 6138 }, 6139 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6140 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6141 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6142 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6143 }, 6144 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 6145 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 6146 { # ContainerPort represents a network port in a single container. 6147 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 6148 "hostIP": "A String", # What host IP to bind the external port to. +optional 6149 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 6150 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 6151 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 6152 }, 6153 ], 6154 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6155 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6156 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6157 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6158 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6159 "A String", 6160 ], 6161 }, 6162 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6163 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6164 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6165 { # HTTPHeader describes a custom header to be used in HTTP probes 6166 "name": "A String", # The header field name 6167 "value": "A String", # The header field value 6168 }, 6169 ], 6170 "path": "A String", # Path to access on the HTTP server. +optional 6171 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6172 "intVal": 42, # The int value. 6173 "strVal": "A String", # The string value. 6174 "type": 42, # The type of the value. 6175 }, 6176 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6177 }, 6178 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6179 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6180 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6181 "intVal": 42, # The int value. 6182 "strVal": "A String", # The string value. 6183 "type": 42, # The type of the value. 6184 }, 6185 }, 6186 }, 6187 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6188 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6189 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6190 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6191 }, 6192 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 6193 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6194 "a_key": "A String", 6195 }, 6196 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 6197 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6198 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6199 }, 6200 }, 6201 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6202 "a_key": "A String", 6203 }, 6204 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 6205 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6206 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6207 }, 6208 }, 6209 }, 6210 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 6211 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 6212 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 6213 "add": [ # Added capabilities +optional 6214 "A String", 6215 ], 6216 "drop": [ # Removed capabilities +optional 6217 "A String", 6218 ], 6219 }, 6220 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 6221 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 6222 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6223 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6224 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6225 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6226 "level": "A String", # Level is SELinux level label that applies to the container. +optional 6227 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 6228 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 6229 "user": "A String", # User is a SELinux user label that applies to the container. +optional 6230 }, 6231 }, 6232 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 6233 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 6234 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 6235 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 6236 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 6237 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 6238 { # volumeDevice describes a mapping of a raw block device within a container. 6239 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 6240 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 6241 }, 6242 ], 6243 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 6244 { # VolumeMount describes a mounting of a Volume within a container. 6245 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 6246 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 6247 "name": "A String", # This must match the Name of a Volume. 6248 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 6249 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 6250 }, 6251 ], 6252 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 6253 }, 6254 ], 6255 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 6256 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 6257 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 6258 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 6259 "volumes": [ 6260 { # Volume represents a named volume in a container. 6261 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 6262 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6263 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6264 { # Maps a string key to a path within a volume. 6265 "key": "A String", # The key to project. 6266 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6267 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6268 }, 6269 ], 6270 "name": "A String", # Name of the config. 6271 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6272 }, 6273 "name": "A String", # Volume's name. 6274 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 6275 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6276 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6277 { # Maps a string key to a path within a volume. 6278 "key": "A String", # The key to project. 6279 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6280 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6281 }, 6282 ], 6283 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6284 "secretName": "A String", # Name of the secret in the container's namespace to use. 6285 }, 6286 }, 6287 ], 6288 }, 6289 }, 6290 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 6291 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 6292 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 6293 "a_key": "A String", 6294 }, 6295 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 6296 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6297 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 6298 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6299 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 6300 "A String", 6301 ], 6302 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 6303 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 6304 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 6305 "a_key": "A String", 6306 }, 6307 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 6308 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 6309 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 6310 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 6311 "apiVersion": "A String", # API version of the referent. 6312 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 6313 "controller": True or False, # If true, this reference points to the managing controller. +optional 6314 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 6315 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 6316 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 6317 }, 6318 ], 6319 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 6320 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 6321 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 6322 }, 6323 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 6324 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 6325 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 6326 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6327 "A String", 6328 ], 6329 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6330 "A String", 6331 ], 6332 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 6333 { # EnvVar represents an environment variable present in a Container. 6334 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6335 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6336 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6337 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6338 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6339 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6340 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6341 }, 6342 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6343 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6344 }, 6345 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6346 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6347 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6348 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6349 }, 6350 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6351 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6352 }, 6353 }, 6354 }, 6355 ], 6356 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6357 { # EnvFromSource represents the source of a set of ConfigMaps 6358 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6359 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6360 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6361 }, 6362 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6363 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6364 }, 6365 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6366 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6367 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6368 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6369 }, 6370 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6371 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6372 }, 6373 }, 6374 ], 6375 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6376 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6377 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6378 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6379 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6380 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6381 "A String", 6382 ], 6383 }, 6384 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6385 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6386 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6387 { # HTTPHeader describes a custom header to be used in HTTP probes 6388 "name": "A String", # The header field name 6389 "value": "A String", # The header field value 6390 }, 6391 ], 6392 "path": "A String", # Path to access on the HTTP server. +optional 6393 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6394 "intVal": 42, # The int value. 6395 "strVal": "A String", # The string value. 6396 "type": 42, # The type of the value. 6397 }, 6398 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6399 }, 6400 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6401 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6402 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6403 "intVal": 42, # The int value. 6404 "strVal": "A String", # The string value. 6405 "type": 42, # The type of the value. 6406 }, 6407 }, 6408 }, 6409 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6410 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6411 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6412 "A String", 6413 ], 6414 }, 6415 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6416 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6417 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6418 { # HTTPHeader describes a custom header to be used in HTTP probes 6419 "name": "A String", # The header field name 6420 "value": "A String", # The header field value 6421 }, 6422 ], 6423 "path": "A String", # Path to access on the HTTP server. +optional 6424 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6425 "intVal": 42, # The int value. 6426 "strVal": "A String", # The string value. 6427 "type": 42, # The type of the value. 6428 }, 6429 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6430 }, 6431 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6432 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6433 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6434 "intVal": 42, # The int value. 6435 "strVal": "A String", # The string value. 6436 "type": 42, # The type of the value. 6437 }, 6438 }, 6439 }, 6440 }, 6441 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6442 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6443 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6444 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6445 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6446 "A String", 6447 ], 6448 }, 6449 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6450 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6451 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6452 { # HTTPHeader describes a custom header to be used in HTTP probes 6453 "name": "A String", # The header field name 6454 "value": "A String", # The header field value 6455 }, 6456 ], 6457 "path": "A String", # Path to access on the HTTP server. +optional 6458 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6459 "intVal": 42, # The int value. 6460 "strVal": "A String", # The string value. 6461 "type": 42, # The type of the value. 6462 }, 6463 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6464 }, 6465 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6466 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6467 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6468 "intVal": 42, # The int value. 6469 "strVal": "A String", # The string value. 6470 "type": 42, # The type of the value. 6471 }, 6472 }, 6473 }, 6474 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6475 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6476 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6477 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6478 }, 6479 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 6480 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 6481 { # ContainerPort represents a network port in a single container. 6482 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 6483 "hostIP": "A String", # What host IP to bind the external port to. +optional 6484 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 6485 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 6486 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 6487 }, 6488 ], 6489 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6490 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6491 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6492 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6493 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6494 "A String", 6495 ], 6496 }, 6497 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6498 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6499 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6500 { # HTTPHeader describes a custom header to be used in HTTP probes 6501 "name": "A String", # The header field name 6502 "value": "A String", # The header field value 6503 }, 6504 ], 6505 "path": "A String", # Path to access on the HTTP server. +optional 6506 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6507 "intVal": 42, # The int value. 6508 "strVal": "A String", # The string value. 6509 "type": 42, # The type of the value. 6510 }, 6511 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6512 }, 6513 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6514 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6515 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6516 "intVal": 42, # The int value. 6517 "strVal": "A String", # The string value. 6518 "type": 42, # The type of the value. 6519 }, 6520 }, 6521 }, 6522 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6523 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6524 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6525 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6526 }, 6527 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 6528 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6529 "a_key": "A String", 6530 }, 6531 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 6532 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6533 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6534 }, 6535 }, 6536 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6537 "a_key": "A String", 6538 }, 6539 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 6540 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6541 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6542 }, 6543 }, 6544 }, 6545 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 6546 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 6547 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 6548 "add": [ # Added capabilities +optional 6549 "A String", 6550 ], 6551 "drop": [ # Removed capabilities +optional 6552 "A String", 6553 ], 6554 }, 6555 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 6556 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 6557 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6558 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6559 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6560 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6561 "level": "A String", # Level is SELinux level label that applies to the container. +optional 6562 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 6563 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 6564 "user": "A String", # User is a SELinux user label that applies to the container. +optional 6565 }, 6566 }, 6567 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 6568 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 6569 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 6570 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 6571 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 6572 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 6573 { # volumeDevice describes a mapping of a raw block device within a container. 6574 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 6575 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 6576 }, 6577 ], 6578 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 6579 { # VolumeMount describes a mounting of a Volume within a container. 6580 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 6581 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 6582 "name": "A String", # This must match the Name of a Volume. 6583 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 6584 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 6585 }, 6586 ], 6587 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 6588 }, 6589 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 6590 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 6591 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 6592 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6593 "A String", 6594 ], 6595 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6596 "A String", 6597 ], 6598 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 6599 { # EnvVar represents an environment variable present in a Container. 6600 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6601 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6602 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6603 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6604 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6605 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6606 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6607 }, 6608 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6609 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6610 }, 6611 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6612 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6613 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6614 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6615 }, 6616 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6617 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6618 }, 6619 }, 6620 }, 6621 ], 6622 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6623 { # EnvFromSource represents the source of a set of ConfigMaps 6624 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6625 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6626 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6627 }, 6628 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6629 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6630 }, 6631 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6632 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6633 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6634 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6635 }, 6636 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6637 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6638 }, 6639 }, 6640 ], 6641 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6642 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6643 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6644 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6645 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6646 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6647 "A String", 6648 ], 6649 }, 6650 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6651 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6652 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6653 { # HTTPHeader describes a custom header to be used in HTTP probes 6654 "name": "A String", # The header field name 6655 "value": "A String", # The header field value 6656 }, 6657 ], 6658 "path": "A String", # Path to access on the HTTP server. +optional 6659 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6660 "intVal": 42, # The int value. 6661 "strVal": "A String", # The string value. 6662 "type": 42, # The type of the value. 6663 }, 6664 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6665 }, 6666 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6667 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6668 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6669 "intVal": 42, # The int value. 6670 "strVal": "A String", # The string value. 6671 "type": 42, # The type of the value. 6672 }, 6673 }, 6674 }, 6675 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6676 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6677 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6678 "A String", 6679 ], 6680 }, 6681 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6682 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6683 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6684 { # HTTPHeader describes a custom header to be used in HTTP probes 6685 "name": "A String", # The header field name 6686 "value": "A String", # The header field value 6687 }, 6688 ], 6689 "path": "A String", # Path to access on the HTTP server. +optional 6690 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6691 "intVal": 42, # The int value. 6692 "strVal": "A String", # The string value. 6693 "type": 42, # The type of the value. 6694 }, 6695 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6696 }, 6697 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6698 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6699 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6700 "intVal": 42, # The int value. 6701 "strVal": "A String", # The string value. 6702 "type": 42, # The type of the value. 6703 }, 6704 }, 6705 }, 6706 }, 6707 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6708 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6709 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6710 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6711 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6712 "A String", 6713 ], 6714 }, 6715 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6716 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6717 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6718 { # HTTPHeader describes a custom header to be used in HTTP probes 6719 "name": "A String", # The header field name 6720 "value": "A String", # The header field value 6721 }, 6722 ], 6723 "path": "A String", # Path to access on the HTTP server. +optional 6724 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6725 "intVal": 42, # The int value. 6726 "strVal": "A String", # The string value. 6727 "type": 42, # The type of the value. 6728 }, 6729 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6730 }, 6731 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6732 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6733 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6734 "intVal": 42, # The int value. 6735 "strVal": "A String", # The string value. 6736 "type": 42, # The type of the value. 6737 }, 6738 }, 6739 }, 6740 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6741 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6742 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6743 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6744 }, 6745 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 6746 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 6747 { # ContainerPort represents a network port in a single container. 6748 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 6749 "hostIP": "A String", # What host IP to bind the external port to. +optional 6750 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 6751 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 6752 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 6753 }, 6754 ], 6755 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6756 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 6757 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 6758 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6759 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6760 "A String", 6761 ], 6762 }, 6763 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6764 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6765 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6766 { # HTTPHeader describes a custom header to be used in HTTP probes 6767 "name": "A String", # The header field name 6768 "value": "A String", # The header field value 6769 }, 6770 ], 6771 "path": "A String", # Path to access on the HTTP server. +optional 6772 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6773 "intVal": 42, # The int value. 6774 "strVal": "A String", # The string value. 6775 "type": 42, # The type of the value. 6776 }, 6777 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 6778 }, 6779 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 6780 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 6781 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 6782 "intVal": 42, # The int value. 6783 "strVal": "A String", # The string value. 6784 "type": 42, # The type of the value. 6785 }, 6786 }, 6787 }, 6788 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6789 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 6790 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 6791 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 6792 }, 6793 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 6794 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6795 "a_key": "A String", 6796 }, 6797 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 6798 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6799 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6800 }, 6801 }, 6802 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 6803 "a_key": "A String", 6804 }, 6805 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 6806 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 6807 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 6808 }, 6809 }, 6810 }, 6811 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 6812 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 6813 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 6814 "add": [ # Added capabilities +optional 6815 "A String", 6816 ], 6817 "drop": [ # Removed capabilities +optional 6818 "A String", 6819 ], 6820 }, 6821 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 6822 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 6823 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6824 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6825 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6826 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 6827 "level": "A String", # Level is SELinux level label that applies to the container. +optional 6828 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 6829 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 6830 "user": "A String", # User is a SELinux user label that applies to the container. +optional 6831 }, 6832 }, 6833 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 6834 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 6835 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 6836 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 6837 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 6838 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 6839 { # volumeDevice describes a mapping of a raw block device within a container. 6840 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 6841 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 6842 }, 6843 ], 6844 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 6845 { # VolumeMount describes a mounting of a Volume within a container. 6846 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 6847 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 6848 "name": "A String", # This must match the Name of a Volume. 6849 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 6850 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 6851 }, 6852 ], 6853 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 6854 }, 6855 ], 6856 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 6857 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 6858 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 6859 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 6860 "volumes": [ 6861 { # Volume represents a named volume in a container. 6862 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 6863 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6864 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6865 { # Maps a string key to a path within a volume. 6866 "key": "A String", # The key to project. 6867 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6868 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6869 }, 6870 ], 6871 "name": "A String", # Name of the config. 6872 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6873 }, 6874 "name": "A String", # Volume's name. 6875 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 6876 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 6877 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 6878 { # Maps a string key to a path within a volume. 6879 "key": "A String", # The key to project. 6880 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 6881 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 6882 }, 6883 ], 6884 "optional": True or False, # Specify whether the Secret or its keys must be defined. 6885 "secretName": "A String", # Name of the secret in the container's namespace to use. 6886 }, 6887 }, 6888 ], 6889 }, 6890 }, 6891 }, 6892 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 6893 "A String", 6894 ], 6895 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 6896 }, 6897 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 6898 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 6899 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 6900 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 6901 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 6902 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 6903 "a_key": "A String", 6904 }, 6905 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 6906 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6907 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 6908 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 6909 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 6910 "A String", 6911 ], 6912 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 6913 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 6914 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 6915 "a_key": "A String", 6916 }, 6917 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 6918 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 6919 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 6920 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 6921 "apiVersion": "A String", # API version of the referent. 6922 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 6923 "controller": True or False, # If true, this reference points to the managing controller. +optional 6924 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 6925 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 6926 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 6927 }, 6928 ], 6929 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 6930 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 6931 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 6932 }, 6933 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 6934 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 6935 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 6936 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6937 "A String", 6938 ], 6939 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 6940 "A String", 6941 ], 6942 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 6943 { # EnvVar represents an environment variable present in a Container. 6944 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 6945 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 6946 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 6947 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 6948 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 6949 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6950 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6951 }, 6952 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 6953 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 6954 }, 6955 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 6956 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 6957 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6958 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6959 }, 6960 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 6961 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 6962 }, 6963 }, 6964 }, 6965 ], 6966 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 6967 { # EnvFromSource represents the source of a set of ConfigMaps 6968 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 6969 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6970 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6971 }, 6972 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 6973 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 6974 }, 6975 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 6976 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 6977 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 6978 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 6979 }, 6980 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 6981 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 6982 }, 6983 }, 6984 ], 6985 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 6986 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 6987 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 6988 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 6989 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 6990 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 6991 "A String", 6992 ], 6993 }, 6994 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 6995 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 6996 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 6997 { # HTTPHeader describes a custom header to be used in HTTP probes 6998 "name": "A String", # The header field name 6999 "value": "A String", # The header field value 7000 }, 7001 ], 7002 "path": "A String", # Path to access on the HTTP server. +optional 7003 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7004 "intVal": 42, # The int value. 7005 "strVal": "A String", # The string value. 7006 "type": 42, # The type of the value. 7007 }, 7008 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7009 }, 7010 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7011 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7012 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7013 "intVal": 42, # The int value. 7014 "strVal": "A String", # The string value. 7015 "type": 42, # The type of the value. 7016 }, 7017 }, 7018 }, 7019 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7020 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7021 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7022 "A String", 7023 ], 7024 }, 7025 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7026 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7027 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7028 { # HTTPHeader describes a custom header to be used in HTTP probes 7029 "name": "A String", # The header field name 7030 "value": "A String", # The header field value 7031 }, 7032 ], 7033 "path": "A String", # Path to access on the HTTP server. +optional 7034 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7035 "intVal": 42, # The int value. 7036 "strVal": "A String", # The string value. 7037 "type": 42, # The type of the value. 7038 }, 7039 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7040 }, 7041 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7042 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7043 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7044 "intVal": 42, # The int value. 7045 "strVal": "A String", # The string value. 7046 "type": 42, # The type of the value. 7047 }, 7048 }, 7049 }, 7050 }, 7051 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7052 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7053 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7054 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7055 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7056 "A String", 7057 ], 7058 }, 7059 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7060 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7061 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7062 { # HTTPHeader describes a custom header to be used in HTTP probes 7063 "name": "A String", # The header field name 7064 "value": "A String", # The header field value 7065 }, 7066 ], 7067 "path": "A String", # Path to access on the HTTP server. +optional 7068 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7069 "intVal": 42, # The int value. 7070 "strVal": "A String", # The string value. 7071 "type": 42, # The type of the value. 7072 }, 7073 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7074 }, 7075 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7076 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7077 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7078 "intVal": 42, # The int value. 7079 "strVal": "A String", # The string value. 7080 "type": 42, # The type of the value. 7081 }, 7082 }, 7083 }, 7084 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7085 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7086 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7087 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7088 }, 7089 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7090 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7091 { # ContainerPort represents a network port in a single container. 7092 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7093 "hostIP": "A String", # What host IP to bind the external port to. +optional 7094 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7095 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7096 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7097 }, 7098 ], 7099 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7100 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7101 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7102 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7103 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7104 "A String", 7105 ], 7106 }, 7107 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7108 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7109 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7110 { # HTTPHeader describes a custom header to be used in HTTP probes 7111 "name": "A String", # The header field name 7112 "value": "A String", # The header field value 7113 }, 7114 ], 7115 "path": "A String", # Path to access on the HTTP server. +optional 7116 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7117 "intVal": 42, # The int value. 7118 "strVal": "A String", # The string value. 7119 "type": 42, # The type of the value. 7120 }, 7121 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7122 }, 7123 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7124 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7125 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7126 "intVal": 42, # The int value. 7127 "strVal": "A String", # The string value. 7128 "type": 42, # The type of the value. 7129 }, 7130 }, 7131 }, 7132 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7133 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7134 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7135 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7136 }, 7137 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7138 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7139 "a_key": "A String", 7140 }, 7141 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 7142 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7143 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7144 }, 7145 }, 7146 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7147 "a_key": "A String", 7148 }, 7149 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 7150 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7151 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7152 }, 7153 }, 7154 }, 7155 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 7156 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 7157 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 7158 "add": [ # Added capabilities +optional 7159 "A String", 7160 ], 7161 "drop": [ # Removed capabilities +optional 7162 "A String", 7163 ], 7164 }, 7165 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 7166 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 7167 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7168 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7169 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7170 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7171 "level": "A String", # Level is SELinux level label that applies to the container. +optional 7172 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 7173 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 7174 "user": "A String", # User is a SELinux user label that applies to the container. +optional 7175 }, 7176 }, 7177 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 7178 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 7179 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 7180 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 7181 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 7182 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 7183 { # volumeDevice describes a mapping of a raw block device within a container. 7184 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 7185 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 7186 }, 7187 ], 7188 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 7189 { # VolumeMount describes a mounting of a Volume within a container. 7190 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 7191 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 7192 "name": "A String", # This must match the Name of a Volume. 7193 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 7194 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 7195 }, 7196 ], 7197 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 7198 }, 7199 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 7200 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 7201 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 7202 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7203 "A String", 7204 ], 7205 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7206 "A String", 7207 ], 7208 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 7209 { # EnvVar represents an environment variable present in a Container. 7210 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 7211 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 7212 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 7213 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 7214 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 7215 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7216 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7217 }, 7218 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 7219 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 7220 }, 7221 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 7222 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 7223 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7224 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7225 }, 7226 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 7227 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 7228 }, 7229 }, 7230 }, 7231 ], 7232 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 7233 { # EnvFromSource represents the source of a set of ConfigMaps 7234 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 7235 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7236 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7237 }, 7238 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 7239 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 7240 }, 7241 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 7242 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 7243 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7244 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7245 }, 7246 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 7247 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 7248 }, 7249 }, 7250 ], 7251 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7252 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 7253 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 7254 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7255 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7256 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7257 "A String", 7258 ], 7259 }, 7260 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7261 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7262 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7263 { # HTTPHeader describes a custom header to be used in HTTP probes 7264 "name": "A String", # The header field name 7265 "value": "A String", # The header field value 7266 }, 7267 ], 7268 "path": "A String", # Path to access on the HTTP server. +optional 7269 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7270 "intVal": 42, # The int value. 7271 "strVal": "A String", # The string value. 7272 "type": 42, # The type of the value. 7273 }, 7274 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7275 }, 7276 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7277 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7278 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7279 "intVal": 42, # The int value. 7280 "strVal": "A String", # The string value. 7281 "type": 42, # The type of the value. 7282 }, 7283 }, 7284 }, 7285 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7286 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7287 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7288 "A String", 7289 ], 7290 }, 7291 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7292 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7293 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7294 { # HTTPHeader describes a custom header to be used in HTTP probes 7295 "name": "A String", # The header field name 7296 "value": "A String", # The header field value 7297 }, 7298 ], 7299 "path": "A String", # Path to access on the HTTP server. +optional 7300 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7301 "intVal": 42, # The int value. 7302 "strVal": "A String", # The string value. 7303 "type": 42, # The type of the value. 7304 }, 7305 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7306 }, 7307 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7308 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7309 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7310 "intVal": 42, # The int value. 7311 "strVal": "A String", # The string value. 7312 "type": 42, # The type of the value. 7313 }, 7314 }, 7315 }, 7316 }, 7317 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7318 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7319 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7320 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7321 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7322 "A String", 7323 ], 7324 }, 7325 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7326 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7327 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7328 { # HTTPHeader describes a custom header to be used in HTTP probes 7329 "name": "A String", # The header field name 7330 "value": "A String", # The header field value 7331 }, 7332 ], 7333 "path": "A String", # Path to access on the HTTP server. +optional 7334 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7335 "intVal": 42, # The int value. 7336 "strVal": "A String", # The string value. 7337 "type": 42, # The type of the value. 7338 }, 7339 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7340 }, 7341 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7342 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7343 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7344 "intVal": 42, # The int value. 7345 "strVal": "A String", # The string value. 7346 "type": 42, # The type of the value. 7347 }, 7348 }, 7349 }, 7350 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7351 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7352 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7353 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7354 }, 7355 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7356 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7357 { # ContainerPort represents a network port in a single container. 7358 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7359 "hostIP": "A String", # What host IP to bind the external port to. +optional 7360 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7361 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7362 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7363 }, 7364 ], 7365 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7366 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7367 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7368 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7369 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7370 "A String", 7371 ], 7372 }, 7373 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7374 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7375 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7376 { # HTTPHeader describes a custom header to be used in HTTP probes 7377 "name": "A String", # The header field name 7378 "value": "A String", # The header field value 7379 }, 7380 ], 7381 "path": "A String", # Path to access on the HTTP server. +optional 7382 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7383 "intVal": 42, # The int value. 7384 "strVal": "A String", # The string value. 7385 "type": 42, # The type of the value. 7386 }, 7387 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7388 }, 7389 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7390 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7391 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7392 "intVal": 42, # The int value. 7393 "strVal": "A String", # The string value. 7394 "type": 42, # The type of the value. 7395 }, 7396 }, 7397 }, 7398 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7399 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7400 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7401 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7402 }, 7403 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7404 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7405 "a_key": "A String", 7406 }, 7407 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 7408 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7409 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7410 }, 7411 }, 7412 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7413 "a_key": "A String", 7414 }, 7415 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 7416 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7417 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7418 }, 7419 }, 7420 }, 7421 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 7422 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 7423 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 7424 "add": [ # Added capabilities +optional 7425 "A String", 7426 ], 7427 "drop": [ # Removed capabilities +optional 7428 "A String", 7429 ], 7430 }, 7431 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 7432 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 7433 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7434 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7435 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7436 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7437 "level": "A String", # Level is SELinux level label that applies to the container. +optional 7438 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 7439 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 7440 "user": "A String", # User is a SELinux user label that applies to the container. +optional 7441 }, 7442 }, 7443 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 7444 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 7445 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 7446 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 7447 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 7448 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 7449 { # volumeDevice describes a mapping of a raw block device within a container. 7450 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 7451 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 7452 }, 7453 ], 7454 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 7455 { # VolumeMount describes a mounting of a Volume within a container. 7456 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 7457 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 7458 "name": "A String", # This must match the Name of a Volume. 7459 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 7460 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 7461 }, 7462 ], 7463 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 7464 }, 7465 ], 7466 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 7467 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 7468 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 7469 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 7470 "volumes": [ 7471 { # Volume represents a named volume in a container. 7472 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 7473 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 7474 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 7475 { # Maps a string key to a path within a volume. 7476 "key": "A String", # The key to project. 7477 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 7478 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 7479 }, 7480 ], 7481 "name": "A String", # Name of the config. 7482 "optional": True or False, # Specify whether the Secret or its keys must be defined. 7483 }, 7484 "name": "A String", # Volume's name. 7485 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 7486 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 7487 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 7488 { # Maps a string key to a path within a volume. 7489 "key": "A String", # The key to project. 7490 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 7491 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 7492 }, 7493 ], 7494 "optional": True or False, # Specify whether the Secret or its keys must be defined. 7495 "secretName": "A String", # Name of the secret in the container's namespace to use. 7496 }, 7497 }, 7498 ], 7499 }, 7500 }, 7501 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 7502 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 7503 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 7504 "a_key": "A String", 7505 }, 7506 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 7507 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 7508 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 7509 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 7510 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 7511 "A String", 7512 ], 7513 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 7514 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 7515 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 7516 "a_key": "A String", 7517 }, 7518 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 7519 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 7520 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 7521 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 7522 "apiVersion": "A String", # API version of the referent. 7523 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 7524 "controller": True or False, # If true, this reference points to the managing controller. +optional 7525 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 7526 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 7527 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 7528 }, 7529 ], 7530 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 7531 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 7532 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 7533 }, 7534 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 7535 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 7536 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 7537 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7538 "A String", 7539 ], 7540 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7541 "A String", 7542 ], 7543 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 7544 { # EnvVar represents an environment variable present in a Container. 7545 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 7546 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 7547 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 7548 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 7549 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 7550 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7551 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7552 }, 7553 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 7554 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 7555 }, 7556 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 7557 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 7558 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7559 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7560 }, 7561 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 7562 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 7563 }, 7564 }, 7565 }, 7566 ], 7567 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 7568 { # EnvFromSource represents the source of a set of ConfigMaps 7569 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 7570 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7571 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7572 }, 7573 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 7574 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 7575 }, 7576 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 7577 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 7578 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7579 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7580 }, 7581 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 7582 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 7583 }, 7584 }, 7585 ], 7586 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7587 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 7588 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 7589 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7590 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7591 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7592 "A String", 7593 ], 7594 }, 7595 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7596 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7597 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7598 { # HTTPHeader describes a custom header to be used in HTTP probes 7599 "name": "A String", # The header field name 7600 "value": "A String", # The header field value 7601 }, 7602 ], 7603 "path": "A String", # Path to access on the HTTP server. +optional 7604 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7605 "intVal": 42, # The int value. 7606 "strVal": "A String", # The string value. 7607 "type": 42, # The type of the value. 7608 }, 7609 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7610 }, 7611 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7612 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7613 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7614 "intVal": 42, # The int value. 7615 "strVal": "A String", # The string value. 7616 "type": 42, # The type of the value. 7617 }, 7618 }, 7619 }, 7620 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7621 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7622 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7623 "A String", 7624 ], 7625 }, 7626 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7627 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7628 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7629 { # HTTPHeader describes a custom header to be used in HTTP probes 7630 "name": "A String", # The header field name 7631 "value": "A String", # The header field value 7632 }, 7633 ], 7634 "path": "A String", # Path to access on the HTTP server. +optional 7635 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7636 "intVal": 42, # The int value. 7637 "strVal": "A String", # The string value. 7638 "type": 42, # The type of the value. 7639 }, 7640 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7641 }, 7642 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7643 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7644 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7645 "intVal": 42, # The int value. 7646 "strVal": "A String", # The string value. 7647 "type": 42, # The type of the value. 7648 }, 7649 }, 7650 }, 7651 }, 7652 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7653 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7654 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7655 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7656 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7657 "A String", 7658 ], 7659 }, 7660 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7661 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7662 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7663 { # HTTPHeader describes a custom header to be used in HTTP probes 7664 "name": "A String", # The header field name 7665 "value": "A String", # The header field value 7666 }, 7667 ], 7668 "path": "A String", # Path to access on the HTTP server. +optional 7669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7670 "intVal": 42, # The int value. 7671 "strVal": "A String", # The string value. 7672 "type": 42, # The type of the value. 7673 }, 7674 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7675 }, 7676 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7677 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7678 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7679 "intVal": 42, # The int value. 7680 "strVal": "A String", # The string value. 7681 "type": 42, # The type of the value. 7682 }, 7683 }, 7684 }, 7685 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7686 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7687 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7688 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7689 }, 7690 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7691 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7692 { # ContainerPort represents a network port in a single container. 7693 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7694 "hostIP": "A String", # What host IP to bind the external port to. +optional 7695 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7696 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7697 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7698 }, 7699 ], 7700 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7701 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7702 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7703 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7704 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7705 "A String", 7706 ], 7707 }, 7708 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7709 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7710 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7711 { # HTTPHeader describes a custom header to be used in HTTP probes 7712 "name": "A String", # The header field name 7713 "value": "A String", # The header field value 7714 }, 7715 ], 7716 "path": "A String", # Path to access on the HTTP server. +optional 7717 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7718 "intVal": 42, # The int value. 7719 "strVal": "A String", # The string value. 7720 "type": 42, # The type of the value. 7721 }, 7722 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7723 }, 7724 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7725 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7726 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7727 "intVal": 42, # The int value. 7728 "strVal": "A String", # The string value. 7729 "type": 42, # The type of the value. 7730 }, 7731 }, 7732 }, 7733 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7734 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7735 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7736 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7737 }, 7738 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 7739 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7740 "a_key": "A String", 7741 }, 7742 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 7743 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7744 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7745 }, 7746 }, 7747 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 7748 "a_key": "A String", 7749 }, 7750 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 7751 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 7752 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 7753 }, 7754 }, 7755 }, 7756 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 7757 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 7758 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 7759 "add": [ # Added capabilities +optional 7760 "A String", 7761 ], 7762 "drop": [ # Removed capabilities +optional 7763 "A String", 7764 ], 7765 }, 7766 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 7767 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 7768 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7769 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7770 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7771 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 7772 "level": "A String", # Level is SELinux level label that applies to the container. +optional 7773 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 7774 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 7775 "user": "A String", # User is a SELinux user label that applies to the container. +optional 7776 }, 7777 }, 7778 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 7779 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 7780 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 7781 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 7782 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 7783 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 7784 { # volumeDevice describes a mapping of a raw block device within a container. 7785 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 7786 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 7787 }, 7788 ], 7789 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 7790 { # VolumeMount describes a mounting of a Volume within a container. 7791 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 7792 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 7793 "name": "A String", # This must match the Name of a Volume. 7794 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 7795 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 7796 }, 7797 ], 7798 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 7799 }, 7800 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 7801 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 7802 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 7803 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7804 "A String", 7805 ], 7806 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 7807 "A String", 7808 ], 7809 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 7810 { # EnvVar represents an environment variable present in a Container. 7811 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 7812 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 7813 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 7814 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 7815 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 7816 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7817 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7818 }, 7819 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 7820 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 7821 }, 7822 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 7823 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 7824 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7825 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7826 }, 7827 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 7828 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 7829 }, 7830 }, 7831 }, 7832 ], 7833 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 7834 { # EnvFromSource represents the source of a set of ConfigMaps 7835 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 7836 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7837 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7838 }, 7839 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 7840 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 7841 }, 7842 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 7843 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 7844 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 7845 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 7846 }, 7847 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 7848 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 7849 }, 7850 }, 7851 ], 7852 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 7853 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 7854 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 7855 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7856 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7857 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7858 "A String", 7859 ], 7860 }, 7861 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7862 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7863 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7864 { # HTTPHeader describes a custom header to be used in HTTP probes 7865 "name": "A String", # The header field name 7866 "value": "A String", # The header field value 7867 }, 7868 ], 7869 "path": "A String", # Path to access on the HTTP server. +optional 7870 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7871 "intVal": 42, # The int value. 7872 "strVal": "A String", # The string value. 7873 "type": 42, # The type of the value. 7874 }, 7875 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7876 }, 7877 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7878 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7879 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7880 "intVal": 42, # The int value. 7881 "strVal": "A String", # The string value. 7882 "type": 42, # The type of the value. 7883 }, 7884 }, 7885 }, 7886 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 7887 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7888 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7889 "A String", 7890 ], 7891 }, 7892 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7893 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7894 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7895 { # HTTPHeader describes a custom header to be used in HTTP probes 7896 "name": "A String", # The header field name 7897 "value": "A String", # The header field value 7898 }, 7899 ], 7900 "path": "A String", # Path to access on the HTTP server. +optional 7901 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7902 "intVal": 42, # The int value. 7903 "strVal": "A String", # The string value. 7904 "type": 42, # The type of the value. 7905 }, 7906 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7907 }, 7908 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7909 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7910 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7911 "intVal": 42, # The int value. 7912 "strVal": "A String", # The string value. 7913 "type": 42, # The type of the value. 7914 }, 7915 }, 7916 }, 7917 }, 7918 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7919 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7920 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7921 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7922 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7923 "A String", 7924 ], 7925 }, 7926 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7927 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7928 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7929 { # HTTPHeader describes a custom header to be used in HTTP probes 7930 "name": "A String", # The header field name 7931 "value": "A String", # The header field value 7932 }, 7933 ], 7934 "path": "A String", # Path to access on the HTTP server. +optional 7935 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7936 "intVal": 42, # The int value. 7937 "strVal": "A String", # The string value. 7938 "type": 42, # The type of the value. 7939 }, 7940 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7941 }, 7942 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7943 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7944 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7945 "intVal": 42, # The int value. 7946 "strVal": "A String", # The string value. 7947 "type": 42, # The type of the value. 7948 }, 7949 }, 7950 }, 7951 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7952 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 7953 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 7954 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7955 }, 7956 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 7957 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 7958 { # ContainerPort represents a network port in a single container. 7959 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 7960 "hostIP": "A String", # What host IP to bind the external port to. +optional 7961 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 7962 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 7963 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 7964 }, 7965 ], 7966 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 7967 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 7968 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 7969 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 7970 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 7971 "A String", 7972 ], 7973 }, 7974 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 7975 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 7976 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 7977 { # HTTPHeader describes a custom header to be used in HTTP probes 7978 "name": "A String", # The header field name 7979 "value": "A String", # The header field value 7980 }, 7981 ], 7982 "path": "A String", # Path to access on the HTTP server. +optional 7983 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7984 "intVal": 42, # The int value. 7985 "strVal": "A String", # The string value. 7986 "type": 42, # The type of the value. 7987 }, 7988 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 7989 }, 7990 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 7991 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 7992 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 7993 "intVal": 42, # The int value. 7994 "strVal": "A String", # The string value. 7995 "type": 42, # The type of the value. 7996 }, 7997 }, 7998 }, 7999 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8000 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8001 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8002 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8003 }, 8004 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 8005 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8006 "a_key": "A String", 8007 }, 8008 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 8009 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8010 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8011 }, 8012 }, 8013 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8014 "a_key": "A String", 8015 }, 8016 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 8017 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8018 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8019 }, 8020 }, 8021 }, 8022 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 8023 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 8024 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 8025 "add": [ # Added capabilities +optional 8026 "A String", 8027 ], 8028 "drop": [ # Removed capabilities +optional 8029 "A String", 8030 ], 8031 }, 8032 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 8033 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 8034 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8035 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8036 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8037 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8038 "level": "A String", # Level is SELinux level label that applies to the container. +optional 8039 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 8040 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 8041 "user": "A String", # User is a SELinux user label that applies to the container. +optional 8042 }, 8043 }, 8044 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 8045 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 8046 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 8047 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 8048 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 8049 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 8050 { # volumeDevice describes a mapping of a raw block device within a container. 8051 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 8052 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 8053 }, 8054 ], 8055 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 8056 { # VolumeMount describes a mounting of a Volume within a container. 8057 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 8058 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 8059 "name": "A String", # This must match the Name of a Volume. 8060 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 8061 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 8062 }, 8063 ], 8064 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 8065 }, 8066 ], 8067 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8068 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 8069 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 8070 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 8071 "volumes": [ 8072 { # Volume represents a named volume in a container. 8073 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 8074 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8075 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8076 { # Maps a string key to a path within a volume. 8077 "key": "A String", # The key to project. 8078 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8079 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8080 }, 8081 ], 8082 "name": "A String", # Name of the config. 8083 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8084 }, 8085 "name": "A String", # Volume's name. 8086 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 8087 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8088 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8089 { # Maps a string key to a path within a volume. 8090 "key": "A String", # The key to project. 8091 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8092 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8093 }, 8094 ], 8095 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8096 "secretName": "A String", # Name of the secret in the container's namespace to use. 8097 }, 8098 }, 8099 ], 8100 }, 8101 }, 8102 }, 8103 }, 8104 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 8105 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 8106 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 8107 "a_key": "A String", 8108 }, 8109 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 8110 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8111 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 8112 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8113 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 8114 "A String", 8115 ], 8116 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 8117 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 8118 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 8119 "a_key": "A String", 8120 }, 8121 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 8122 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 8123 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 8124 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 8125 "apiVersion": "A String", # API version of the referent. 8126 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 8127 "controller": True or False, # If true, this reference points to the managing controller. +optional 8128 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8129 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 8130 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 8131 }, 8132 ], 8133 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 8134 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 8135 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 8136 }, 8137 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 8138 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 8139 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 8140 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8141 "A String", 8142 ], 8143 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8144 "A String", 8145 ], 8146 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 8147 { # EnvVar represents an environment variable present in a Container. 8148 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 8149 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 8150 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 8151 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 8152 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 8153 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8154 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8155 }, 8156 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 8157 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 8158 }, 8159 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 8160 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 8161 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8162 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8163 }, 8164 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 8165 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 8166 }, 8167 }, 8168 }, 8169 ], 8170 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 8171 { # EnvFromSource represents the source of a set of ConfigMaps 8172 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 8173 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8174 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8175 }, 8176 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 8177 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 8178 }, 8179 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 8180 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 8181 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8182 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8183 }, 8184 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 8185 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 8186 }, 8187 }, 8188 ], 8189 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8190 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 8191 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 8192 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8193 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8194 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8195 "A String", 8196 ], 8197 }, 8198 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8199 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8200 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8201 { # HTTPHeader describes a custom header to be used in HTTP probes 8202 "name": "A String", # The header field name 8203 "value": "A String", # The header field value 8204 }, 8205 ], 8206 "path": "A String", # Path to access on the HTTP server. +optional 8207 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8208 "intVal": 42, # The int value. 8209 "strVal": "A String", # The string value. 8210 "type": 42, # The type of the value. 8211 }, 8212 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8213 }, 8214 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8215 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8216 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8217 "intVal": 42, # The int value. 8218 "strVal": "A String", # The string value. 8219 "type": 42, # The type of the value. 8220 }, 8221 }, 8222 }, 8223 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8224 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8225 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8226 "A String", 8227 ], 8228 }, 8229 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8230 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8231 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8232 { # HTTPHeader describes a custom header to be used in HTTP probes 8233 "name": "A String", # The header field name 8234 "value": "A String", # The header field value 8235 }, 8236 ], 8237 "path": "A String", # Path to access on the HTTP server. +optional 8238 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8239 "intVal": 42, # The int value. 8240 "strVal": "A String", # The string value. 8241 "type": 42, # The type of the value. 8242 }, 8243 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8244 }, 8245 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8246 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8247 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8248 "intVal": 42, # The int value. 8249 "strVal": "A String", # The string value. 8250 "type": 42, # The type of the value. 8251 }, 8252 }, 8253 }, 8254 }, 8255 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8256 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8257 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8258 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8259 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8260 "A String", 8261 ], 8262 }, 8263 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8264 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8265 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8266 { # HTTPHeader describes a custom header to be used in HTTP probes 8267 "name": "A String", # The header field name 8268 "value": "A String", # The header field value 8269 }, 8270 ], 8271 "path": "A String", # Path to access on the HTTP server. +optional 8272 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8273 "intVal": 42, # The int value. 8274 "strVal": "A String", # The string value. 8275 "type": 42, # The type of the value. 8276 }, 8277 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8278 }, 8279 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8280 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8281 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8282 "intVal": 42, # The int value. 8283 "strVal": "A String", # The string value. 8284 "type": 42, # The type of the value. 8285 }, 8286 }, 8287 }, 8288 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8289 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8290 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8291 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8292 }, 8293 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 8294 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 8295 { # ContainerPort represents a network port in a single container. 8296 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 8297 "hostIP": "A String", # What host IP to bind the external port to. +optional 8298 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 8299 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 8300 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 8301 }, 8302 ], 8303 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8304 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8305 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8306 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8307 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8308 "A String", 8309 ], 8310 }, 8311 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8312 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8313 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8314 { # HTTPHeader describes a custom header to be used in HTTP probes 8315 "name": "A String", # The header field name 8316 "value": "A String", # The header field value 8317 }, 8318 ], 8319 "path": "A String", # Path to access on the HTTP server. +optional 8320 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8321 "intVal": 42, # The int value. 8322 "strVal": "A String", # The string value. 8323 "type": 42, # The type of the value. 8324 }, 8325 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8326 }, 8327 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8328 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8329 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8330 "intVal": 42, # The int value. 8331 "strVal": "A String", # The string value. 8332 "type": 42, # The type of the value. 8333 }, 8334 }, 8335 }, 8336 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8337 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8338 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8339 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8340 }, 8341 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 8342 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8343 "a_key": "A String", 8344 }, 8345 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 8346 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8347 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8348 }, 8349 }, 8350 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8351 "a_key": "A String", 8352 }, 8353 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 8354 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8355 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8356 }, 8357 }, 8358 }, 8359 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 8360 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 8361 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 8362 "add": [ # Added capabilities +optional 8363 "A String", 8364 ], 8365 "drop": [ # Removed capabilities +optional 8366 "A String", 8367 ], 8368 }, 8369 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 8370 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 8371 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8372 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8373 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8374 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8375 "level": "A String", # Level is SELinux level label that applies to the container. +optional 8376 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 8377 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 8378 "user": "A String", # User is a SELinux user label that applies to the container. +optional 8379 }, 8380 }, 8381 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 8382 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 8383 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 8384 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 8385 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 8386 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 8387 { # volumeDevice describes a mapping of a raw block device within a container. 8388 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 8389 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 8390 }, 8391 ], 8392 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 8393 { # VolumeMount describes a mounting of a Volume within a container. 8394 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 8395 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 8396 "name": "A String", # This must match the Name of a Volume. 8397 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 8398 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 8399 }, 8400 ], 8401 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 8402 }, 8403 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 8404 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 8405 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 8406 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8407 "A String", 8408 ], 8409 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8410 "A String", 8411 ], 8412 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 8413 { # EnvVar represents an environment variable present in a Container. 8414 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 8415 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 8416 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 8417 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 8418 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 8419 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8420 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8421 }, 8422 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 8423 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 8424 }, 8425 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 8426 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 8427 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8428 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8429 }, 8430 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 8431 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 8432 }, 8433 }, 8434 }, 8435 ], 8436 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 8437 { # EnvFromSource represents the source of a set of ConfigMaps 8438 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 8439 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8440 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8441 }, 8442 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 8443 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 8444 }, 8445 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 8446 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 8447 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8448 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8449 }, 8450 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 8451 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 8452 }, 8453 }, 8454 ], 8455 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8456 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 8457 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 8458 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8459 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8460 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8461 "A String", 8462 ], 8463 }, 8464 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8465 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8466 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8467 { # HTTPHeader describes a custom header to be used in HTTP probes 8468 "name": "A String", # The header field name 8469 "value": "A String", # The header field value 8470 }, 8471 ], 8472 "path": "A String", # Path to access on the HTTP server. +optional 8473 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8474 "intVal": 42, # The int value. 8475 "strVal": "A String", # The string value. 8476 "type": 42, # The type of the value. 8477 }, 8478 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8479 }, 8480 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8481 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8482 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8483 "intVal": 42, # The int value. 8484 "strVal": "A String", # The string value. 8485 "type": 42, # The type of the value. 8486 }, 8487 }, 8488 }, 8489 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8490 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8491 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8492 "A String", 8493 ], 8494 }, 8495 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8496 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8497 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8498 { # HTTPHeader describes a custom header to be used in HTTP probes 8499 "name": "A String", # The header field name 8500 "value": "A String", # The header field value 8501 }, 8502 ], 8503 "path": "A String", # Path to access on the HTTP server. +optional 8504 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8505 "intVal": 42, # The int value. 8506 "strVal": "A String", # The string value. 8507 "type": 42, # The type of the value. 8508 }, 8509 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8510 }, 8511 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8512 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8513 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8514 "intVal": 42, # The int value. 8515 "strVal": "A String", # The string value. 8516 "type": 42, # The type of the value. 8517 }, 8518 }, 8519 }, 8520 }, 8521 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8522 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8523 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8524 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8525 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8526 "A String", 8527 ], 8528 }, 8529 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8530 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8531 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8532 { # HTTPHeader describes a custom header to be used in HTTP probes 8533 "name": "A String", # The header field name 8534 "value": "A String", # The header field value 8535 }, 8536 ], 8537 "path": "A String", # Path to access on the HTTP server. +optional 8538 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8539 "intVal": 42, # The int value. 8540 "strVal": "A String", # The string value. 8541 "type": 42, # The type of the value. 8542 }, 8543 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8544 }, 8545 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8546 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8547 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8548 "intVal": 42, # The int value. 8549 "strVal": "A String", # The string value. 8550 "type": 42, # The type of the value. 8551 }, 8552 }, 8553 }, 8554 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8555 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8556 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8557 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8558 }, 8559 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 8560 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 8561 { # ContainerPort represents a network port in a single container. 8562 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 8563 "hostIP": "A String", # What host IP to bind the external port to. +optional 8564 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 8565 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 8566 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 8567 }, 8568 ], 8569 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8570 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8571 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8572 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8573 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8574 "A String", 8575 ], 8576 }, 8577 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8578 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8579 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8580 { # HTTPHeader describes a custom header to be used in HTTP probes 8581 "name": "A String", # The header field name 8582 "value": "A String", # The header field value 8583 }, 8584 ], 8585 "path": "A String", # Path to access on the HTTP server. +optional 8586 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8587 "intVal": 42, # The int value. 8588 "strVal": "A String", # The string value. 8589 "type": 42, # The type of the value. 8590 }, 8591 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8592 }, 8593 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8594 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8595 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8596 "intVal": 42, # The int value. 8597 "strVal": "A String", # The string value. 8598 "type": 42, # The type of the value. 8599 }, 8600 }, 8601 }, 8602 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8603 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 8604 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 8605 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8606 }, 8607 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 8608 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8609 "a_key": "A String", 8610 }, 8611 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 8612 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8613 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8614 }, 8615 }, 8616 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 8617 "a_key": "A String", 8618 }, 8619 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 8620 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 8621 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 8622 }, 8623 }, 8624 }, 8625 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 8626 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 8627 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 8628 "add": [ # Added capabilities +optional 8629 "A String", 8630 ], 8631 "drop": [ # Removed capabilities +optional 8632 "A String", 8633 ], 8634 }, 8635 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 8636 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 8637 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8638 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8639 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8640 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 8641 "level": "A String", # Level is SELinux level label that applies to the container. +optional 8642 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 8643 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 8644 "user": "A String", # User is a SELinux user label that applies to the container. +optional 8645 }, 8646 }, 8647 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 8648 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 8649 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 8650 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 8651 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 8652 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 8653 { # volumeDevice describes a mapping of a raw block device within a container. 8654 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 8655 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 8656 }, 8657 ], 8658 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 8659 { # VolumeMount describes a mounting of a Volume within a container. 8660 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 8661 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 8662 "name": "A String", # This must match the Name of a Volume. 8663 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 8664 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 8665 }, 8666 ], 8667 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 8668 }, 8669 ], 8670 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8671 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 8672 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 8673 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 8674 "volumes": [ 8675 { # Volume represents a named volume in a container. 8676 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 8677 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8678 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8679 { # Maps a string key to a path within a volume. 8680 "key": "A String", # The key to project. 8681 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8682 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8683 }, 8684 ], 8685 "name": "A String", # Name of the config. 8686 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8687 }, 8688 "name": "A String", # Volume's name. 8689 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 8690 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 8691 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 8692 { # Maps a string key to a path within a volume. 8693 "key": "A String", # The key to project. 8694 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 8695 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 8696 }, 8697 ], 8698 "optional": True or False, # Specify whether the Secret or its keys must be defined. 8699 "secretName": "A String", # Name of the secret in the container's namespace to use. 8700 }, 8701 }, 8702 ], 8703 }, 8704 }, 8705 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 8706 { # TrafficTarget holds a single entry of the routing table for a Route. 8707 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 8708 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 8709 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 8710 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 8711 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 8712 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 8713 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 8714 }, 8715 ], 8716 }, 8717 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 8718 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 8719 "hostname": "A String", # Deprecated - use url instead. 8720 "url": "A String", 8721 }, 8722 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 8723 { # ServiceCondition defines a readiness condition for a Service. 8724 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 8725 "message": "A String", # Human-readable message indicating details about last transition. +optional 8726 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 8727 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 8728 "status": "A String", # Status of the condition, one of True, False, Unknown. 8729 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 8730 }, 8731 ], 8732 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 8733 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 8734 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 8735 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 8736 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 8737 { # TrafficTarget holds a single entry of the routing table for a Route. 8738 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 8739 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 8740 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 8741 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 8742 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 8743 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 8744 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 8745 }, 8746 ], 8747 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 8748 }, 8749}</pre> 8750</div> 8751 8752<div class="method"> 8753 <code class="details" id="delete">delete(name, apiVersion=None, kind=None, orphanDependents=None, propagationPolicy=None, x__xgafv=None)</code> 8754 <pre>Rpc to delete a service. This will cause the Service to stop serving traffic and will delete the child entities like Routes, Configurations and Revisions. 8755 8756Args: 8757 name: string, The name of the service being deleted. If needed, replace {namespace_id} with the project ID. (required) 8758 apiVersion: string, Cloud Run currently ignores this parameter. 8759 kind: string, Cloud Run currently ignores this parameter. 8760 orphanDependents: boolean, Deprecated. Specifies the cascade behavior on delete. Cloud Run only supports cascading behavior, so this must be false. This attribute is deprecated, and is now replaced with PropagationPolicy See https://github.com/kubernetes/kubernetes/issues/46659 for more info. 8761 propagationPolicy: string, Specifies the propagation policy of delete. Cloud Run currently ignores this setting, and deletes in the background. Please see kubernetes.io/docs/concepts/workloads/controllers/garbage-collection/ for more information. 8762 x__xgafv: string, V1 error format. 8763 Allowed values 8764 1 - v1 error format 8765 2 - v2 error format 8766 8767Returns: 8768 An object of the form: 8769 8770 { # A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); } The JSON representation for `Empty` is empty JSON object `{}`. 8771}</pre> 8772</div> 8773 8774<div class="method"> 8775 <code class="details" id="get">get(name, x__xgafv=None)</code> 8776 <pre>Rpc to get information about a service. 8777 8778Args: 8779 name: string, The name of the service being retrieved. If needed, replace {namespace_id} with the project ID. (required) 8780 x__xgafv: string, V1 error format. 8781 Allowed values 8782 1 - v1 error format 8783 2 - v2 error format 8784 8785Returns: 8786 An object of the form: 8787 8788 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 8789 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 8790 "kind": "A String", # The kind of resource, in this case "Service". 8791 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 8792 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 8793 "a_key": "A String", 8794 }, 8795 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 8796 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8797 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 8798 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8799 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 8800 "A String", 8801 ], 8802 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 8803 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 8804 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 8805 "a_key": "A String", 8806 }, 8807 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 8808 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 8809 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 8810 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 8811 "apiVersion": "A String", # API version of the referent. 8812 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 8813 "controller": True or False, # If true, this reference points to the managing controller. +optional 8814 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8815 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 8816 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 8817 }, 8818 ], 8819 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 8820 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 8821 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 8822 }, 8823 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 8824 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8825 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 8826 }, 8827 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 8828 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 8829 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 8830 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 8831 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 8832 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 8833 "a_key": "A String", 8834 }, 8835 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 8836 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8837 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 8838 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 8839 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 8840 "A String", 8841 ], 8842 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 8843 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 8844 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 8845 "a_key": "A String", 8846 }, 8847 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 8848 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 8849 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 8850 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 8851 "apiVersion": "A String", # API version of the referent. 8852 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 8853 "controller": True or False, # If true, this reference points to the managing controller. +optional 8854 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 8855 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 8856 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 8857 }, 8858 ], 8859 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 8860 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 8861 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 8862 }, 8863 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 8864 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 8865 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 8866 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8867 "A String", 8868 ], 8869 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 8870 "A String", 8871 ], 8872 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 8873 { # EnvVar represents an environment variable present in a Container. 8874 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 8875 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 8876 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 8877 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 8878 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 8879 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8880 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8881 }, 8882 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 8883 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 8884 }, 8885 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 8886 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 8887 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8888 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8889 }, 8890 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 8891 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 8892 }, 8893 }, 8894 }, 8895 ], 8896 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 8897 { # EnvFromSource represents the source of a set of ConfigMaps 8898 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 8899 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8900 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8901 }, 8902 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 8903 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 8904 }, 8905 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 8906 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 8907 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 8908 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 8909 }, 8910 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 8911 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 8912 }, 8913 }, 8914 ], 8915 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 8916 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 8917 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 8918 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8919 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8920 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8921 "A String", 8922 ], 8923 }, 8924 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8925 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8926 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8927 { # HTTPHeader describes a custom header to be used in HTTP probes 8928 "name": "A String", # The header field name 8929 "value": "A String", # The header field value 8930 }, 8931 ], 8932 "path": "A String", # Path to access on the HTTP server. +optional 8933 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8934 "intVal": 42, # The int value. 8935 "strVal": "A String", # The string value. 8936 "type": 42, # The type of the value. 8937 }, 8938 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8939 }, 8940 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8941 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8942 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8943 "intVal": 42, # The int value. 8944 "strVal": "A String", # The string value. 8945 "type": 42, # The type of the value. 8946 }, 8947 }, 8948 }, 8949 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 8950 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8951 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8952 "A String", 8953 ], 8954 }, 8955 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8956 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8957 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8958 { # HTTPHeader describes a custom header to be used in HTTP probes 8959 "name": "A String", # The header field name 8960 "value": "A String", # The header field value 8961 }, 8962 ], 8963 "path": "A String", # Path to access on the HTTP server. +optional 8964 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8965 "intVal": 42, # The int value. 8966 "strVal": "A String", # The string value. 8967 "type": 42, # The type of the value. 8968 }, 8969 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 8970 }, 8971 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 8972 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 8973 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8974 "intVal": 42, # The int value. 8975 "strVal": "A String", # The string value. 8976 "type": 42, # The type of the value. 8977 }, 8978 }, 8979 }, 8980 }, 8981 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 8982 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 8983 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 8984 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 8985 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 8986 "A String", 8987 ], 8988 }, 8989 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 8990 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 8991 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 8992 { # HTTPHeader describes a custom header to be used in HTTP probes 8993 "name": "A String", # The header field name 8994 "value": "A String", # The header field value 8995 }, 8996 ], 8997 "path": "A String", # Path to access on the HTTP server. +optional 8998 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 8999 "intVal": 42, # The int value. 9000 "strVal": "A String", # The string value. 9001 "type": 42, # The type of the value. 9002 }, 9003 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9004 }, 9005 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9006 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9007 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9008 "intVal": 42, # The int value. 9009 "strVal": "A String", # The string value. 9010 "type": 42, # The type of the value. 9011 }, 9012 }, 9013 }, 9014 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9015 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9016 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9017 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9018 }, 9019 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9020 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9021 { # ContainerPort represents a network port in a single container. 9022 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9023 "hostIP": "A String", # What host IP to bind the external port to. +optional 9024 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9025 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9026 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9027 }, 9028 ], 9029 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9030 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9031 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9032 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9033 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9034 "A String", 9035 ], 9036 }, 9037 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9038 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9039 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9040 { # HTTPHeader describes a custom header to be used in HTTP probes 9041 "name": "A String", # The header field name 9042 "value": "A String", # The header field value 9043 }, 9044 ], 9045 "path": "A String", # Path to access on the HTTP server. +optional 9046 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9047 "intVal": 42, # The int value. 9048 "strVal": "A String", # The string value. 9049 "type": 42, # The type of the value. 9050 }, 9051 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9052 }, 9053 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9054 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9055 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9056 "intVal": 42, # The int value. 9057 "strVal": "A String", # The string value. 9058 "type": 42, # The type of the value. 9059 }, 9060 }, 9061 }, 9062 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9063 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9064 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9065 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9066 }, 9067 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9068 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9069 "a_key": "A String", 9070 }, 9071 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9072 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9073 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9074 }, 9075 }, 9076 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9077 "a_key": "A String", 9078 }, 9079 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9080 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9081 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9082 }, 9083 }, 9084 }, 9085 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9086 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9087 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9088 "add": [ # Added capabilities +optional 9089 "A String", 9090 ], 9091 "drop": [ # Removed capabilities +optional 9092 "A String", 9093 ], 9094 }, 9095 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9096 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9097 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9098 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9099 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9100 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9101 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9102 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9103 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9104 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9105 }, 9106 }, 9107 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9108 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9109 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9110 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9111 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9112 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9113 { # volumeDevice describes a mapping of a raw block device within a container. 9114 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9115 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9116 }, 9117 ], 9118 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9119 { # VolumeMount describes a mounting of a Volume within a container. 9120 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9121 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9122 "name": "A String", # This must match the Name of a Volume. 9123 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9124 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9125 }, 9126 ], 9127 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9128 }, 9129 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 9130 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 9131 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 9132 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9133 "A String", 9134 ], 9135 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9136 "A String", 9137 ], 9138 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 9139 { # EnvVar represents an environment variable present in a Container. 9140 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 9141 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 9142 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 9143 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 9144 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 9145 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9146 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9147 }, 9148 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 9149 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 9150 }, 9151 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 9152 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 9153 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9154 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9155 }, 9156 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 9157 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 9158 }, 9159 }, 9160 }, 9161 ], 9162 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 9163 { # EnvFromSource represents the source of a set of ConfigMaps 9164 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 9165 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9166 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9167 }, 9168 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 9169 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 9170 }, 9171 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 9172 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 9173 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9174 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9175 }, 9176 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 9177 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 9178 }, 9179 }, 9180 ], 9181 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9182 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 9183 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 9184 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9185 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9186 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9187 "A String", 9188 ], 9189 }, 9190 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9191 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9192 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9193 { # HTTPHeader describes a custom header to be used in HTTP probes 9194 "name": "A String", # The header field name 9195 "value": "A String", # The header field value 9196 }, 9197 ], 9198 "path": "A String", # Path to access on the HTTP server. +optional 9199 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9200 "intVal": 42, # The int value. 9201 "strVal": "A String", # The string value. 9202 "type": 42, # The type of the value. 9203 }, 9204 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9205 }, 9206 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9207 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9208 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9209 "intVal": 42, # The int value. 9210 "strVal": "A String", # The string value. 9211 "type": 42, # The type of the value. 9212 }, 9213 }, 9214 }, 9215 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9216 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9217 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9218 "A String", 9219 ], 9220 }, 9221 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9222 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9223 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9224 { # HTTPHeader describes a custom header to be used in HTTP probes 9225 "name": "A String", # The header field name 9226 "value": "A String", # The header field value 9227 }, 9228 ], 9229 "path": "A String", # Path to access on the HTTP server. +optional 9230 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9231 "intVal": 42, # The int value. 9232 "strVal": "A String", # The string value. 9233 "type": 42, # The type of the value. 9234 }, 9235 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9236 }, 9237 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9238 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9239 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9240 "intVal": 42, # The int value. 9241 "strVal": "A String", # The string value. 9242 "type": 42, # The type of the value. 9243 }, 9244 }, 9245 }, 9246 }, 9247 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9248 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9249 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9250 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9251 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9252 "A String", 9253 ], 9254 }, 9255 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9256 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9257 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9258 { # HTTPHeader describes a custom header to be used in HTTP probes 9259 "name": "A String", # The header field name 9260 "value": "A String", # The header field value 9261 }, 9262 ], 9263 "path": "A String", # Path to access on the HTTP server. +optional 9264 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9265 "intVal": 42, # The int value. 9266 "strVal": "A String", # The string value. 9267 "type": 42, # The type of the value. 9268 }, 9269 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9270 }, 9271 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9272 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9273 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9274 "intVal": 42, # The int value. 9275 "strVal": "A String", # The string value. 9276 "type": 42, # The type of the value. 9277 }, 9278 }, 9279 }, 9280 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9281 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9282 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9283 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9284 }, 9285 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9286 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9287 { # ContainerPort represents a network port in a single container. 9288 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9289 "hostIP": "A String", # What host IP to bind the external port to. +optional 9290 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9291 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9292 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9293 }, 9294 ], 9295 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9296 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9297 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9298 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9299 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9300 "A String", 9301 ], 9302 }, 9303 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9304 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9305 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9306 { # HTTPHeader describes a custom header to be used in HTTP probes 9307 "name": "A String", # The header field name 9308 "value": "A String", # The header field value 9309 }, 9310 ], 9311 "path": "A String", # Path to access on the HTTP server. +optional 9312 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9313 "intVal": 42, # The int value. 9314 "strVal": "A String", # The string value. 9315 "type": 42, # The type of the value. 9316 }, 9317 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9318 }, 9319 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9320 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9321 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9322 "intVal": 42, # The int value. 9323 "strVal": "A String", # The string value. 9324 "type": 42, # The type of the value. 9325 }, 9326 }, 9327 }, 9328 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9329 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9330 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9331 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9332 }, 9333 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9334 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9335 "a_key": "A String", 9336 }, 9337 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9338 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9339 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9340 }, 9341 }, 9342 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9343 "a_key": "A String", 9344 }, 9345 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9346 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9347 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9348 }, 9349 }, 9350 }, 9351 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9352 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9353 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9354 "add": [ # Added capabilities +optional 9355 "A String", 9356 ], 9357 "drop": [ # Removed capabilities +optional 9358 "A String", 9359 ], 9360 }, 9361 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9362 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9363 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9364 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9365 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9366 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9367 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9368 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9369 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9370 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9371 }, 9372 }, 9373 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9374 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9375 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9376 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9377 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9378 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9379 { # volumeDevice describes a mapping of a raw block device within a container. 9380 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9381 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9382 }, 9383 ], 9384 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9385 { # VolumeMount describes a mounting of a Volume within a container. 9386 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9387 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9388 "name": "A String", # This must match the Name of a Volume. 9389 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9390 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9391 }, 9392 ], 9393 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9394 }, 9395 ], 9396 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 9397 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 9398 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 9399 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 9400 "volumes": [ 9401 { # Volume represents a named volume in a container. 9402 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 9403 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 9404 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 9405 { # Maps a string key to a path within a volume. 9406 "key": "A String", # The key to project. 9407 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 9408 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 9409 }, 9410 ], 9411 "name": "A String", # Name of the config. 9412 "optional": True or False, # Specify whether the Secret or its keys must be defined. 9413 }, 9414 "name": "A String", # Volume's name. 9415 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 9416 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 9417 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 9418 { # Maps a string key to a path within a volume. 9419 "key": "A String", # The key to project. 9420 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 9421 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 9422 }, 9423 ], 9424 "optional": True or False, # Specify whether the Secret or its keys must be defined. 9425 "secretName": "A String", # Name of the secret in the container's namespace to use. 9426 }, 9427 }, 9428 ], 9429 }, 9430 }, 9431 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 9432 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 9433 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 9434 "a_key": "A String", 9435 }, 9436 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 9437 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 9438 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 9439 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 9440 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 9441 "A String", 9442 ], 9443 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 9444 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 9445 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 9446 "a_key": "A String", 9447 }, 9448 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 9449 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 9450 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 9451 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 9452 "apiVersion": "A String", # API version of the referent. 9453 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 9454 "controller": True or False, # If true, this reference points to the managing controller. +optional 9455 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 9456 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 9457 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 9458 }, 9459 ], 9460 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 9461 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 9462 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 9463 }, 9464 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 9465 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 9466 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 9467 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9468 "A String", 9469 ], 9470 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9471 "A String", 9472 ], 9473 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 9474 { # EnvVar represents an environment variable present in a Container. 9475 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 9476 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 9477 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 9478 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 9479 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 9480 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9481 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9482 }, 9483 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 9484 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 9485 }, 9486 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 9487 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 9488 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9489 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9490 }, 9491 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 9492 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 9493 }, 9494 }, 9495 }, 9496 ], 9497 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 9498 { # EnvFromSource represents the source of a set of ConfigMaps 9499 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 9500 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9501 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9502 }, 9503 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 9504 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 9505 }, 9506 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 9507 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 9508 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9509 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9510 }, 9511 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 9512 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 9513 }, 9514 }, 9515 ], 9516 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9517 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 9518 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 9519 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9520 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9521 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9522 "A String", 9523 ], 9524 }, 9525 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9526 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9527 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9528 { # HTTPHeader describes a custom header to be used in HTTP probes 9529 "name": "A String", # The header field name 9530 "value": "A String", # The header field value 9531 }, 9532 ], 9533 "path": "A String", # Path to access on the HTTP server. +optional 9534 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9535 "intVal": 42, # The int value. 9536 "strVal": "A String", # The string value. 9537 "type": 42, # The type of the value. 9538 }, 9539 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9540 }, 9541 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9542 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9543 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9544 "intVal": 42, # The int value. 9545 "strVal": "A String", # The string value. 9546 "type": 42, # The type of the value. 9547 }, 9548 }, 9549 }, 9550 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9551 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9552 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9553 "A String", 9554 ], 9555 }, 9556 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9557 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9558 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9559 { # HTTPHeader describes a custom header to be used in HTTP probes 9560 "name": "A String", # The header field name 9561 "value": "A String", # The header field value 9562 }, 9563 ], 9564 "path": "A String", # Path to access on the HTTP server. +optional 9565 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9566 "intVal": 42, # The int value. 9567 "strVal": "A String", # The string value. 9568 "type": 42, # The type of the value. 9569 }, 9570 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9571 }, 9572 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9573 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9574 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9575 "intVal": 42, # The int value. 9576 "strVal": "A String", # The string value. 9577 "type": 42, # The type of the value. 9578 }, 9579 }, 9580 }, 9581 }, 9582 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9583 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9584 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9585 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9586 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9587 "A String", 9588 ], 9589 }, 9590 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9591 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9592 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9593 { # HTTPHeader describes a custom header to be used in HTTP probes 9594 "name": "A String", # The header field name 9595 "value": "A String", # The header field value 9596 }, 9597 ], 9598 "path": "A String", # Path to access on the HTTP server. +optional 9599 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9600 "intVal": 42, # The int value. 9601 "strVal": "A String", # The string value. 9602 "type": 42, # The type of the value. 9603 }, 9604 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9605 }, 9606 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9607 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9608 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9609 "intVal": 42, # The int value. 9610 "strVal": "A String", # The string value. 9611 "type": 42, # The type of the value. 9612 }, 9613 }, 9614 }, 9615 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9616 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9617 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9618 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9619 }, 9620 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9621 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9622 { # ContainerPort represents a network port in a single container. 9623 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9624 "hostIP": "A String", # What host IP to bind the external port to. +optional 9625 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9626 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9627 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9628 }, 9629 ], 9630 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9631 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9632 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9633 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9634 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9635 "A String", 9636 ], 9637 }, 9638 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9639 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9640 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9641 { # HTTPHeader describes a custom header to be used in HTTP probes 9642 "name": "A String", # The header field name 9643 "value": "A String", # The header field value 9644 }, 9645 ], 9646 "path": "A String", # Path to access on the HTTP server. +optional 9647 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9648 "intVal": 42, # The int value. 9649 "strVal": "A String", # The string value. 9650 "type": 42, # The type of the value. 9651 }, 9652 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9653 }, 9654 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9655 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9656 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9657 "intVal": 42, # The int value. 9658 "strVal": "A String", # The string value. 9659 "type": 42, # The type of the value. 9660 }, 9661 }, 9662 }, 9663 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9664 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9665 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9666 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9667 }, 9668 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9669 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9670 "a_key": "A String", 9671 }, 9672 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9673 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9674 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9675 }, 9676 }, 9677 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9678 "a_key": "A String", 9679 }, 9680 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9681 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9682 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9683 }, 9684 }, 9685 }, 9686 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9687 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9688 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9689 "add": [ # Added capabilities +optional 9690 "A String", 9691 ], 9692 "drop": [ # Removed capabilities +optional 9693 "A String", 9694 ], 9695 }, 9696 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9697 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9698 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9699 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9700 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9701 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9702 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9703 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9704 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9705 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9706 }, 9707 }, 9708 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9709 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9710 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9711 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9712 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9713 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9714 { # volumeDevice describes a mapping of a raw block device within a container. 9715 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9716 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9717 }, 9718 ], 9719 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9720 { # VolumeMount describes a mounting of a Volume within a container. 9721 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9722 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9723 "name": "A String", # This must match the Name of a Volume. 9724 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9725 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9726 }, 9727 ], 9728 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9729 }, 9730 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 9731 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 9732 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 9733 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9734 "A String", 9735 ], 9736 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 9737 "A String", 9738 ], 9739 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 9740 { # EnvVar represents an environment variable present in a Container. 9741 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 9742 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 9743 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 9744 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 9745 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 9746 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9747 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9748 }, 9749 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 9750 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 9751 }, 9752 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 9753 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 9754 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9755 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9756 }, 9757 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 9758 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 9759 }, 9760 }, 9761 }, 9762 ], 9763 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 9764 { # EnvFromSource represents the source of a set of ConfigMaps 9765 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 9766 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9767 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9768 }, 9769 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 9770 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 9771 }, 9772 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 9773 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 9774 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 9775 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 9776 }, 9777 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 9778 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 9779 }, 9780 }, 9781 ], 9782 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 9783 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 9784 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 9785 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9786 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9787 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9788 "A String", 9789 ], 9790 }, 9791 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9792 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9793 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9794 { # HTTPHeader describes a custom header to be used in HTTP probes 9795 "name": "A String", # The header field name 9796 "value": "A String", # The header field value 9797 }, 9798 ], 9799 "path": "A String", # Path to access on the HTTP server. +optional 9800 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9801 "intVal": 42, # The int value. 9802 "strVal": "A String", # The string value. 9803 "type": 42, # The type of the value. 9804 }, 9805 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9806 }, 9807 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9808 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9809 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9810 "intVal": 42, # The int value. 9811 "strVal": "A String", # The string value. 9812 "type": 42, # The type of the value. 9813 }, 9814 }, 9815 }, 9816 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 9817 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9818 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9819 "A String", 9820 ], 9821 }, 9822 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9823 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9824 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9825 { # HTTPHeader describes a custom header to be used in HTTP probes 9826 "name": "A String", # The header field name 9827 "value": "A String", # The header field value 9828 }, 9829 ], 9830 "path": "A String", # Path to access on the HTTP server. +optional 9831 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9832 "intVal": 42, # The int value. 9833 "strVal": "A String", # The string value. 9834 "type": 42, # The type of the value. 9835 }, 9836 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9837 }, 9838 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9839 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9840 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9841 "intVal": 42, # The int value. 9842 "strVal": "A String", # The string value. 9843 "type": 42, # The type of the value. 9844 }, 9845 }, 9846 }, 9847 }, 9848 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9849 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9850 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9851 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9852 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9853 "A String", 9854 ], 9855 }, 9856 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9857 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9858 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9859 { # HTTPHeader describes a custom header to be used in HTTP probes 9860 "name": "A String", # The header field name 9861 "value": "A String", # The header field value 9862 }, 9863 ], 9864 "path": "A String", # Path to access on the HTTP server. +optional 9865 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9866 "intVal": 42, # The int value. 9867 "strVal": "A String", # The string value. 9868 "type": 42, # The type of the value. 9869 }, 9870 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9871 }, 9872 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9873 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9874 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9875 "intVal": 42, # The int value. 9876 "strVal": "A String", # The string value. 9877 "type": 42, # The type of the value. 9878 }, 9879 }, 9880 }, 9881 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9882 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9883 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9884 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9885 }, 9886 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 9887 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 9888 { # ContainerPort represents a network port in a single container. 9889 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 9890 "hostIP": "A String", # What host IP to bind the external port to. +optional 9891 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 9892 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 9893 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 9894 }, 9895 ], 9896 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9897 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 9898 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 9899 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 9900 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 9901 "A String", 9902 ], 9903 }, 9904 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 9905 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 9906 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 9907 { # HTTPHeader describes a custom header to be used in HTTP probes 9908 "name": "A String", # The header field name 9909 "value": "A String", # The header field value 9910 }, 9911 ], 9912 "path": "A String", # Path to access on the HTTP server. +optional 9913 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9914 "intVal": 42, # The int value. 9915 "strVal": "A String", # The string value. 9916 "type": 42, # The type of the value. 9917 }, 9918 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 9919 }, 9920 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 9921 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 9922 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 9923 "intVal": 42, # The int value. 9924 "strVal": "A String", # The string value. 9925 "type": 42, # The type of the value. 9926 }, 9927 }, 9928 }, 9929 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9930 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 9931 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 9932 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 9933 }, 9934 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 9935 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9936 "a_key": "A String", 9937 }, 9938 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 9939 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9940 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9941 }, 9942 }, 9943 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 9944 "a_key": "A String", 9945 }, 9946 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 9947 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 9948 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 9949 }, 9950 }, 9951 }, 9952 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 9953 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 9954 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 9955 "add": [ # Added capabilities +optional 9956 "A String", 9957 ], 9958 "drop": [ # Removed capabilities +optional 9959 "A String", 9960 ], 9961 }, 9962 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 9963 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 9964 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9965 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9966 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9967 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 9968 "level": "A String", # Level is SELinux level label that applies to the container. +optional 9969 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 9970 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 9971 "user": "A String", # User is a SELinux user label that applies to the container. +optional 9972 }, 9973 }, 9974 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 9975 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 9976 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 9977 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 9978 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 9979 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 9980 { # volumeDevice describes a mapping of a raw block device within a container. 9981 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 9982 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 9983 }, 9984 ], 9985 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 9986 { # VolumeMount describes a mounting of a Volume within a container. 9987 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 9988 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 9989 "name": "A String", # This must match the Name of a Volume. 9990 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 9991 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 9992 }, 9993 ], 9994 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 9995 }, 9996 ], 9997 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 9998 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 9999 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 10000 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 10001 "volumes": [ 10002 { # Volume represents a named volume in a container. 10003 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 10004 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10005 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10006 { # Maps a string key to a path within a volume. 10007 "key": "A String", # The key to project. 10008 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10009 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10010 }, 10011 ], 10012 "name": "A String", # Name of the config. 10013 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10014 }, 10015 "name": "A String", # Volume's name. 10016 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 10017 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10018 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10019 { # Maps a string key to a path within a volume. 10020 "key": "A String", # The key to project. 10021 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10022 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10023 }, 10024 ], 10025 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10026 "secretName": "A String", # Name of the secret in the container's namespace to use. 10027 }, 10028 }, 10029 ], 10030 }, 10031 }, 10032 }, 10033 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 10034 }, 10035 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 10036 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 10037 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 10038 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 10039 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 10040 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 10041 "a_key": "A String", 10042 }, 10043 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 10044 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10045 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 10046 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10047 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 10048 "A String", 10049 ], 10050 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 10051 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 10052 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 10053 "a_key": "A String", 10054 }, 10055 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 10056 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 10057 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 10058 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 10059 "apiVersion": "A String", # API version of the referent. 10060 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 10061 "controller": True or False, # If true, this reference points to the managing controller. +optional 10062 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 10063 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 10064 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 10065 }, 10066 ], 10067 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 10068 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 10069 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 10070 }, 10071 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 10072 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 10073 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 10074 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10075 "A String", 10076 ], 10077 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10078 "A String", 10079 ], 10080 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10081 { # EnvVar represents an environment variable present in a Container. 10082 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10083 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10084 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10085 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10086 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10087 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10088 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10089 }, 10090 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10091 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10092 }, 10093 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10094 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10095 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10096 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10097 }, 10098 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10099 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10100 }, 10101 }, 10102 }, 10103 ], 10104 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10105 { # EnvFromSource represents the source of a set of ConfigMaps 10106 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10107 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10108 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10109 }, 10110 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10111 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10112 }, 10113 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10114 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10115 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10116 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10117 }, 10118 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10119 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10120 }, 10121 }, 10122 ], 10123 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10124 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10125 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10126 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10127 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10128 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10129 "A String", 10130 ], 10131 }, 10132 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10133 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10134 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10135 { # HTTPHeader describes a custom header to be used in HTTP probes 10136 "name": "A String", # The header field name 10137 "value": "A String", # The header field value 10138 }, 10139 ], 10140 "path": "A String", # Path to access on the HTTP server. +optional 10141 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10142 "intVal": 42, # The int value. 10143 "strVal": "A String", # The string value. 10144 "type": 42, # The type of the value. 10145 }, 10146 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10147 }, 10148 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10149 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10150 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10151 "intVal": 42, # The int value. 10152 "strVal": "A String", # The string value. 10153 "type": 42, # The type of the value. 10154 }, 10155 }, 10156 }, 10157 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10158 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10159 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10160 "A String", 10161 ], 10162 }, 10163 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10164 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10165 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10166 { # HTTPHeader describes a custom header to be used in HTTP probes 10167 "name": "A String", # The header field name 10168 "value": "A String", # The header field value 10169 }, 10170 ], 10171 "path": "A String", # Path to access on the HTTP server. +optional 10172 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10173 "intVal": 42, # The int value. 10174 "strVal": "A String", # The string value. 10175 "type": 42, # The type of the value. 10176 }, 10177 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10178 }, 10179 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10180 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10181 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10182 "intVal": 42, # The int value. 10183 "strVal": "A String", # The string value. 10184 "type": 42, # The type of the value. 10185 }, 10186 }, 10187 }, 10188 }, 10189 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10190 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10191 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10192 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10193 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10194 "A String", 10195 ], 10196 }, 10197 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10198 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10199 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10200 { # HTTPHeader describes a custom header to be used in HTTP probes 10201 "name": "A String", # The header field name 10202 "value": "A String", # The header field value 10203 }, 10204 ], 10205 "path": "A String", # Path to access on the HTTP server. +optional 10206 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10207 "intVal": 42, # The int value. 10208 "strVal": "A String", # The string value. 10209 "type": 42, # The type of the value. 10210 }, 10211 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10212 }, 10213 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10214 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10215 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10216 "intVal": 42, # The int value. 10217 "strVal": "A String", # The string value. 10218 "type": 42, # The type of the value. 10219 }, 10220 }, 10221 }, 10222 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10223 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10224 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10225 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10226 }, 10227 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 10228 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 10229 { # ContainerPort represents a network port in a single container. 10230 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 10231 "hostIP": "A String", # What host IP to bind the external port to. +optional 10232 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 10233 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 10234 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 10235 }, 10236 ], 10237 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10238 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10239 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10240 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10241 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10242 "A String", 10243 ], 10244 }, 10245 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10246 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10247 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10248 { # HTTPHeader describes a custom header to be used in HTTP probes 10249 "name": "A String", # The header field name 10250 "value": "A String", # The header field value 10251 }, 10252 ], 10253 "path": "A String", # Path to access on the HTTP server. +optional 10254 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10255 "intVal": 42, # The int value. 10256 "strVal": "A String", # The string value. 10257 "type": 42, # The type of the value. 10258 }, 10259 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10260 }, 10261 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10262 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10263 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10264 "intVal": 42, # The int value. 10265 "strVal": "A String", # The string value. 10266 "type": 42, # The type of the value. 10267 }, 10268 }, 10269 }, 10270 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10271 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10272 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10273 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10274 }, 10275 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 10276 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10277 "a_key": "A String", 10278 }, 10279 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 10280 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10281 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10282 }, 10283 }, 10284 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10285 "a_key": "A String", 10286 }, 10287 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 10288 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10289 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10290 }, 10291 }, 10292 }, 10293 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 10294 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 10295 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 10296 "add": [ # Added capabilities +optional 10297 "A String", 10298 ], 10299 "drop": [ # Removed capabilities +optional 10300 "A String", 10301 ], 10302 }, 10303 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 10304 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 10305 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10306 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10307 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10308 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10309 "level": "A String", # Level is SELinux level label that applies to the container. +optional 10310 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 10311 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 10312 "user": "A String", # User is a SELinux user label that applies to the container. +optional 10313 }, 10314 }, 10315 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 10316 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 10317 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 10318 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 10319 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 10320 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 10321 { # volumeDevice describes a mapping of a raw block device within a container. 10322 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 10323 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 10324 }, 10325 ], 10326 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 10327 { # VolumeMount describes a mounting of a Volume within a container. 10328 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 10329 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 10330 "name": "A String", # This must match the Name of a Volume. 10331 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 10332 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 10333 }, 10334 ], 10335 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 10336 }, 10337 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 10338 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 10339 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 10340 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10341 "A String", 10342 ], 10343 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10344 "A String", 10345 ], 10346 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10347 { # EnvVar represents an environment variable present in a Container. 10348 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10349 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10350 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10351 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10352 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10353 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10354 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10355 }, 10356 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10357 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10358 }, 10359 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10360 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10361 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10362 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10363 }, 10364 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10365 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10366 }, 10367 }, 10368 }, 10369 ], 10370 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10371 { # EnvFromSource represents the source of a set of ConfigMaps 10372 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10373 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10374 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10375 }, 10376 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10377 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10378 }, 10379 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10380 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10381 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10382 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10383 }, 10384 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10385 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10386 }, 10387 }, 10388 ], 10389 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10390 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10391 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10392 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10393 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10394 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10395 "A String", 10396 ], 10397 }, 10398 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10399 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10400 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10401 { # HTTPHeader describes a custom header to be used in HTTP probes 10402 "name": "A String", # The header field name 10403 "value": "A String", # The header field value 10404 }, 10405 ], 10406 "path": "A String", # Path to access on the HTTP server. +optional 10407 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10408 "intVal": 42, # The int value. 10409 "strVal": "A String", # The string value. 10410 "type": 42, # The type of the value. 10411 }, 10412 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10413 }, 10414 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10415 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10416 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10417 "intVal": 42, # The int value. 10418 "strVal": "A String", # The string value. 10419 "type": 42, # The type of the value. 10420 }, 10421 }, 10422 }, 10423 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10424 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10425 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10426 "A String", 10427 ], 10428 }, 10429 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10430 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10431 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10432 { # HTTPHeader describes a custom header to be used in HTTP probes 10433 "name": "A String", # The header field name 10434 "value": "A String", # The header field value 10435 }, 10436 ], 10437 "path": "A String", # Path to access on the HTTP server. +optional 10438 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10439 "intVal": 42, # The int value. 10440 "strVal": "A String", # The string value. 10441 "type": 42, # The type of the value. 10442 }, 10443 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10444 }, 10445 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10446 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10447 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10448 "intVal": 42, # The int value. 10449 "strVal": "A String", # The string value. 10450 "type": 42, # The type of the value. 10451 }, 10452 }, 10453 }, 10454 }, 10455 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10456 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10457 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10458 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10459 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10460 "A String", 10461 ], 10462 }, 10463 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10464 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10465 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10466 { # HTTPHeader describes a custom header to be used in HTTP probes 10467 "name": "A String", # The header field name 10468 "value": "A String", # The header field value 10469 }, 10470 ], 10471 "path": "A String", # Path to access on the HTTP server. +optional 10472 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10473 "intVal": 42, # The int value. 10474 "strVal": "A String", # The string value. 10475 "type": 42, # The type of the value. 10476 }, 10477 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10478 }, 10479 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10480 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10481 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10482 "intVal": 42, # The int value. 10483 "strVal": "A String", # The string value. 10484 "type": 42, # The type of the value. 10485 }, 10486 }, 10487 }, 10488 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10489 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10490 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10491 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10492 }, 10493 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 10494 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 10495 { # ContainerPort represents a network port in a single container. 10496 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 10497 "hostIP": "A String", # What host IP to bind the external port to. +optional 10498 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 10499 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 10500 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 10501 }, 10502 ], 10503 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10504 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10505 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10506 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10507 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10508 "A String", 10509 ], 10510 }, 10511 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10512 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10513 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10514 { # HTTPHeader describes a custom header to be used in HTTP probes 10515 "name": "A String", # The header field name 10516 "value": "A String", # The header field value 10517 }, 10518 ], 10519 "path": "A String", # Path to access on the HTTP server. +optional 10520 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10521 "intVal": 42, # The int value. 10522 "strVal": "A String", # The string value. 10523 "type": 42, # The type of the value. 10524 }, 10525 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10526 }, 10527 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10528 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10529 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10530 "intVal": 42, # The int value. 10531 "strVal": "A String", # The string value. 10532 "type": 42, # The type of the value. 10533 }, 10534 }, 10535 }, 10536 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10537 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10538 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10539 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10540 }, 10541 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 10542 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10543 "a_key": "A String", 10544 }, 10545 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 10546 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10547 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10548 }, 10549 }, 10550 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10551 "a_key": "A String", 10552 }, 10553 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 10554 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10555 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10556 }, 10557 }, 10558 }, 10559 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 10560 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 10561 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 10562 "add": [ # Added capabilities +optional 10563 "A String", 10564 ], 10565 "drop": [ # Removed capabilities +optional 10566 "A String", 10567 ], 10568 }, 10569 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 10570 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 10571 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10572 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10573 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10574 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10575 "level": "A String", # Level is SELinux level label that applies to the container. +optional 10576 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 10577 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 10578 "user": "A String", # User is a SELinux user label that applies to the container. +optional 10579 }, 10580 }, 10581 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 10582 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 10583 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 10584 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 10585 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 10586 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 10587 { # volumeDevice describes a mapping of a raw block device within a container. 10588 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 10589 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 10590 }, 10591 ], 10592 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 10593 { # VolumeMount describes a mounting of a Volume within a container. 10594 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 10595 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 10596 "name": "A String", # This must match the Name of a Volume. 10597 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 10598 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 10599 }, 10600 ], 10601 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 10602 }, 10603 ], 10604 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 10605 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 10606 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 10607 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 10608 "volumes": [ 10609 { # Volume represents a named volume in a container. 10610 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 10611 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10612 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10613 { # Maps a string key to a path within a volume. 10614 "key": "A String", # The key to project. 10615 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10616 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10617 }, 10618 ], 10619 "name": "A String", # Name of the config. 10620 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10621 }, 10622 "name": "A String", # Volume's name. 10623 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 10624 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 10625 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 10626 { # Maps a string key to a path within a volume. 10627 "key": "A String", # The key to project. 10628 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 10629 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 10630 }, 10631 ], 10632 "optional": True or False, # Specify whether the Secret or its keys must be defined. 10633 "secretName": "A String", # Name of the secret in the container's namespace to use. 10634 }, 10635 }, 10636 ], 10637 }, 10638 }, 10639 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 10640 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 10641 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 10642 "a_key": "A String", 10643 }, 10644 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 10645 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10646 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 10647 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 10648 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 10649 "A String", 10650 ], 10651 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 10652 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 10653 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 10654 "a_key": "A String", 10655 }, 10656 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 10657 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 10658 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 10659 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 10660 "apiVersion": "A String", # API version of the referent. 10661 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 10662 "controller": True or False, # If true, this reference points to the managing controller. +optional 10663 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 10664 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 10665 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 10666 }, 10667 ], 10668 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 10669 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 10670 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 10671 }, 10672 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 10673 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 10674 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 10675 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10676 "A String", 10677 ], 10678 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10679 "A String", 10680 ], 10681 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10682 { # EnvVar represents an environment variable present in a Container. 10683 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10684 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10685 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10686 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10687 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10688 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10689 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10690 }, 10691 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10692 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10693 }, 10694 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10695 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10696 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10697 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10698 }, 10699 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10700 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10701 }, 10702 }, 10703 }, 10704 ], 10705 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10706 { # EnvFromSource represents the source of a set of ConfigMaps 10707 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10708 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10709 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10710 }, 10711 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10712 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10713 }, 10714 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10715 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10716 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10717 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10718 }, 10719 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10720 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10721 }, 10722 }, 10723 ], 10724 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10725 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10726 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10727 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10728 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10729 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10730 "A String", 10731 ], 10732 }, 10733 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10734 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10735 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10736 { # HTTPHeader describes a custom header to be used in HTTP probes 10737 "name": "A String", # The header field name 10738 "value": "A String", # The header field value 10739 }, 10740 ], 10741 "path": "A String", # Path to access on the HTTP server. +optional 10742 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10743 "intVal": 42, # The int value. 10744 "strVal": "A String", # The string value. 10745 "type": 42, # The type of the value. 10746 }, 10747 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10748 }, 10749 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10750 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10751 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10752 "intVal": 42, # The int value. 10753 "strVal": "A String", # The string value. 10754 "type": 42, # The type of the value. 10755 }, 10756 }, 10757 }, 10758 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10759 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10760 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10761 "A String", 10762 ], 10763 }, 10764 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10765 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10766 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10767 { # HTTPHeader describes a custom header to be used in HTTP probes 10768 "name": "A String", # The header field name 10769 "value": "A String", # The header field value 10770 }, 10771 ], 10772 "path": "A String", # Path to access on the HTTP server. +optional 10773 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10774 "intVal": 42, # The int value. 10775 "strVal": "A String", # The string value. 10776 "type": 42, # The type of the value. 10777 }, 10778 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10779 }, 10780 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10781 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10782 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10783 "intVal": 42, # The int value. 10784 "strVal": "A String", # The string value. 10785 "type": 42, # The type of the value. 10786 }, 10787 }, 10788 }, 10789 }, 10790 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10791 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10792 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10793 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10794 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10795 "A String", 10796 ], 10797 }, 10798 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10799 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10800 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10801 { # HTTPHeader describes a custom header to be used in HTTP probes 10802 "name": "A String", # The header field name 10803 "value": "A String", # The header field value 10804 }, 10805 ], 10806 "path": "A String", # Path to access on the HTTP server. +optional 10807 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10808 "intVal": 42, # The int value. 10809 "strVal": "A String", # The string value. 10810 "type": 42, # The type of the value. 10811 }, 10812 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10813 }, 10814 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10815 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10816 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10817 "intVal": 42, # The int value. 10818 "strVal": "A String", # The string value. 10819 "type": 42, # The type of the value. 10820 }, 10821 }, 10822 }, 10823 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10824 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10825 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10826 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10827 }, 10828 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 10829 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 10830 { # ContainerPort represents a network port in a single container. 10831 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 10832 "hostIP": "A String", # What host IP to bind the external port to. +optional 10833 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 10834 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 10835 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 10836 }, 10837 ], 10838 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10839 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 10840 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 10841 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10842 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10843 "A String", 10844 ], 10845 }, 10846 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 10847 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 10848 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 10849 { # HTTPHeader describes a custom header to be used in HTTP probes 10850 "name": "A String", # The header field name 10851 "value": "A String", # The header field value 10852 }, 10853 ], 10854 "path": "A String", # Path to access on the HTTP server. +optional 10855 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10856 "intVal": 42, # The int value. 10857 "strVal": "A String", # The string value. 10858 "type": 42, # The type of the value. 10859 }, 10860 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 10861 }, 10862 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 10863 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 10864 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 10865 "intVal": 42, # The int value. 10866 "strVal": "A String", # The string value. 10867 "type": 42, # The type of the value. 10868 }, 10869 }, 10870 }, 10871 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10872 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 10873 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 10874 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 10875 }, 10876 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 10877 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10878 "a_key": "A String", 10879 }, 10880 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 10881 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10882 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10883 }, 10884 }, 10885 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 10886 "a_key": "A String", 10887 }, 10888 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 10889 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 10890 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 10891 }, 10892 }, 10893 }, 10894 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 10895 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 10896 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 10897 "add": [ # Added capabilities +optional 10898 "A String", 10899 ], 10900 "drop": [ # Removed capabilities +optional 10901 "A String", 10902 ], 10903 }, 10904 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 10905 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 10906 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10907 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10908 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10909 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 10910 "level": "A String", # Level is SELinux level label that applies to the container. +optional 10911 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 10912 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 10913 "user": "A String", # User is a SELinux user label that applies to the container. +optional 10914 }, 10915 }, 10916 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 10917 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 10918 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 10919 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 10920 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 10921 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 10922 { # volumeDevice describes a mapping of a raw block device within a container. 10923 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 10924 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 10925 }, 10926 ], 10927 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 10928 { # VolumeMount describes a mounting of a Volume within a container. 10929 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 10930 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 10931 "name": "A String", # This must match the Name of a Volume. 10932 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 10933 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 10934 }, 10935 ], 10936 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 10937 }, 10938 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 10939 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 10940 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 10941 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10942 "A String", 10943 ], 10944 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 10945 "A String", 10946 ], 10947 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 10948 { # EnvVar represents an environment variable present in a Container. 10949 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 10950 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 10951 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 10952 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 10953 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 10954 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10955 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10956 }, 10957 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 10958 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 10959 }, 10960 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 10961 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 10962 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10963 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10964 }, 10965 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 10966 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 10967 }, 10968 }, 10969 }, 10970 ], 10971 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 10972 { # EnvFromSource represents the source of a set of ConfigMaps 10973 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 10974 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10975 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10976 }, 10977 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 10978 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 10979 }, 10980 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 10981 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 10982 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 10983 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 10984 }, 10985 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 10986 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 10987 }, 10988 }, 10989 ], 10990 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 10991 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 10992 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 10993 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 10994 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 10995 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 10996 "A String", 10997 ], 10998 }, 10999 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11000 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11001 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11002 { # HTTPHeader describes a custom header to be used in HTTP probes 11003 "name": "A String", # The header field name 11004 "value": "A String", # The header field value 11005 }, 11006 ], 11007 "path": "A String", # Path to access on the HTTP server. +optional 11008 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11009 "intVal": 42, # The int value. 11010 "strVal": "A String", # The string value. 11011 "type": 42, # The type of the value. 11012 }, 11013 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11014 }, 11015 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11016 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11017 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11018 "intVal": 42, # The int value. 11019 "strVal": "A String", # The string value. 11020 "type": 42, # The type of the value. 11021 }, 11022 }, 11023 }, 11024 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11025 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11026 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11027 "A String", 11028 ], 11029 }, 11030 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11031 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11032 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11033 { # HTTPHeader describes a custom header to be used in HTTP probes 11034 "name": "A String", # The header field name 11035 "value": "A String", # The header field value 11036 }, 11037 ], 11038 "path": "A String", # Path to access on the HTTP server. +optional 11039 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11040 "intVal": 42, # The int value. 11041 "strVal": "A String", # The string value. 11042 "type": 42, # The type of the value. 11043 }, 11044 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11045 }, 11046 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11047 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11048 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11049 "intVal": 42, # The int value. 11050 "strVal": "A String", # The string value. 11051 "type": 42, # The type of the value. 11052 }, 11053 }, 11054 }, 11055 }, 11056 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11057 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11058 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11059 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11060 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11061 "A String", 11062 ], 11063 }, 11064 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11065 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11066 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11067 { # HTTPHeader describes a custom header to be used in HTTP probes 11068 "name": "A String", # The header field name 11069 "value": "A String", # The header field value 11070 }, 11071 ], 11072 "path": "A String", # Path to access on the HTTP server. +optional 11073 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11074 "intVal": 42, # The int value. 11075 "strVal": "A String", # The string value. 11076 "type": 42, # The type of the value. 11077 }, 11078 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11079 }, 11080 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11081 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11082 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11083 "intVal": 42, # The int value. 11084 "strVal": "A String", # The string value. 11085 "type": 42, # The type of the value. 11086 }, 11087 }, 11088 }, 11089 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11090 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11091 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11092 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11093 }, 11094 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 11095 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 11096 { # ContainerPort represents a network port in a single container. 11097 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 11098 "hostIP": "A String", # What host IP to bind the external port to. +optional 11099 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 11100 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 11101 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 11102 }, 11103 ], 11104 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11105 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11106 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11107 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11108 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11109 "A String", 11110 ], 11111 }, 11112 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11113 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11114 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11115 { # HTTPHeader describes a custom header to be used in HTTP probes 11116 "name": "A String", # The header field name 11117 "value": "A String", # The header field value 11118 }, 11119 ], 11120 "path": "A String", # Path to access on the HTTP server. +optional 11121 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11122 "intVal": 42, # The int value. 11123 "strVal": "A String", # The string value. 11124 "type": 42, # The type of the value. 11125 }, 11126 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11127 }, 11128 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11129 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11130 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11131 "intVal": 42, # The int value. 11132 "strVal": "A String", # The string value. 11133 "type": 42, # The type of the value. 11134 }, 11135 }, 11136 }, 11137 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11138 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11139 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11140 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11141 }, 11142 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 11143 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11144 "a_key": "A String", 11145 }, 11146 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 11147 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11148 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11149 }, 11150 }, 11151 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11152 "a_key": "A String", 11153 }, 11154 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 11155 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11156 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11157 }, 11158 }, 11159 }, 11160 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 11161 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 11162 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 11163 "add": [ # Added capabilities +optional 11164 "A String", 11165 ], 11166 "drop": [ # Removed capabilities +optional 11167 "A String", 11168 ], 11169 }, 11170 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 11171 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 11172 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11173 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11174 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11175 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11176 "level": "A String", # Level is SELinux level label that applies to the container. +optional 11177 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 11178 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 11179 "user": "A String", # User is a SELinux user label that applies to the container. +optional 11180 }, 11181 }, 11182 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 11183 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 11184 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 11185 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 11186 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 11187 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 11188 { # volumeDevice describes a mapping of a raw block device within a container. 11189 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 11190 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 11191 }, 11192 ], 11193 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 11194 { # VolumeMount describes a mounting of a Volume within a container. 11195 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 11196 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 11197 "name": "A String", # This must match the Name of a Volume. 11198 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 11199 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 11200 }, 11201 ], 11202 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 11203 }, 11204 ], 11205 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 11206 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 11207 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 11208 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 11209 "volumes": [ 11210 { # Volume represents a named volume in a container. 11211 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 11212 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11213 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11214 { # Maps a string key to a path within a volume. 11215 "key": "A String", # The key to project. 11216 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11217 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11218 }, 11219 ], 11220 "name": "A String", # Name of the config. 11221 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11222 }, 11223 "name": "A String", # Volume's name. 11224 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 11225 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11226 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11227 { # Maps a string key to a path within a volume. 11228 "key": "A String", # The key to project. 11229 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11230 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11231 }, 11232 ], 11233 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11234 "secretName": "A String", # Name of the secret in the container's namespace to use. 11235 }, 11236 }, 11237 ], 11238 }, 11239 }, 11240 }, 11241 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 11242 "A String", 11243 ], 11244 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 11245 }, 11246 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 11247 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 11248 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 11249 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 11250 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 11251 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 11252 "a_key": "A String", 11253 }, 11254 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 11255 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11256 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 11257 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11258 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 11259 "A String", 11260 ], 11261 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 11262 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 11263 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 11264 "a_key": "A String", 11265 }, 11266 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 11267 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 11268 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 11269 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 11270 "apiVersion": "A String", # API version of the referent. 11271 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 11272 "controller": True or False, # If true, this reference points to the managing controller. +optional 11273 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11274 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 11275 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 11276 }, 11277 ], 11278 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 11279 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 11280 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 11281 }, 11282 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 11283 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 11284 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 11285 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11286 "A String", 11287 ], 11288 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11289 "A String", 11290 ], 11291 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 11292 { # EnvVar represents an environment variable present in a Container. 11293 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 11294 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 11295 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 11296 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 11297 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 11298 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11299 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11300 }, 11301 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 11302 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 11303 }, 11304 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 11305 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 11306 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11307 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11308 }, 11309 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 11310 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 11311 }, 11312 }, 11313 }, 11314 ], 11315 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 11316 { # EnvFromSource represents the source of a set of ConfigMaps 11317 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 11318 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11319 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11320 }, 11321 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 11322 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 11323 }, 11324 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 11325 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 11326 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11327 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11328 }, 11329 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 11330 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 11331 }, 11332 }, 11333 ], 11334 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11335 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 11336 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 11337 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11338 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11339 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11340 "A String", 11341 ], 11342 }, 11343 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11344 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11345 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11346 { # HTTPHeader describes a custom header to be used in HTTP probes 11347 "name": "A String", # The header field name 11348 "value": "A String", # The header field value 11349 }, 11350 ], 11351 "path": "A String", # Path to access on the HTTP server. +optional 11352 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11353 "intVal": 42, # The int value. 11354 "strVal": "A String", # The string value. 11355 "type": 42, # The type of the value. 11356 }, 11357 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11358 }, 11359 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11360 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11361 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11362 "intVal": 42, # The int value. 11363 "strVal": "A String", # The string value. 11364 "type": 42, # The type of the value. 11365 }, 11366 }, 11367 }, 11368 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11369 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11370 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11371 "A String", 11372 ], 11373 }, 11374 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11375 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11376 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11377 { # HTTPHeader describes a custom header to be used in HTTP probes 11378 "name": "A String", # The header field name 11379 "value": "A String", # The header field value 11380 }, 11381 ], 11382 "path": "A String", # Path to access on the HTTP server. +optional 11383 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11384 "intVal": 42, # The int value. 11385 "strVal": "A String", # The string value. 11386 "type": 42, # The type of the value. 11387 }, 11388 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11389 }, 11390 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11391 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11392 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11393 "intVal": 42, # The int value. 11394 "strVal": "A String", # The string value. 11395 "type": 42, # The type of the value. 11396 }, 11397 }, 11398 }, 11399 }, 11400 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11401 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11402 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11403 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11404 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11405 "A String", 11406 ], 11407 }, 11408 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11409 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11410 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11411 { # HTTPHeader describes a custom header to be used in HTTP probes 11412 "name": "A String", # The header field name 11413 "value": "A String", # The header field value 11414 }, 11415 ], 11416 "path": "A String", # Path to access on the HTTP server. +optional 11417 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11418 "intVal": 42, # The int value. 11419 "strVal": "A String", # The string value. 11420 "type": 42, # The type of the value. 11421 }, 11422 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11423 }, 11424 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11425 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11426 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11427 "intVal": 42, # The int value. 11428 "strVal": "A String", # The string value. 11429 "type": 42, # The type of the value. 11430 }, 11431 }, 11432 }, 11433 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11434 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11435 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11436 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11437 }, 11438 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 11439 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 11440 { # ContainerPort represents a network port in a single container. 11441 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 11442 "hostIP": "A String", # What host IP to bind the external port to. +optional 11443 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 11444 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 11445 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 11446 }, 11447 ], 11448 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11449 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11450 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11451 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11452 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11453 "A String", 11454 ], 11455 }, 11456 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11457 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11458 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11459 { # HTTPHeader describes a custom header to be used in HTTP probes 11460 "name": "A String", # The header field name 11461 "value": "A String", # The header field value 11462 }, 11463 ], 11464 "path": "A String", # Path to access on the HTTP server. +optional 11465 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11466 "intVal": 42, # The int value. 11467 "strVal": "A String", # The string value. 11468 "type": 42, # The type of the value. 11469 }, 11470 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11471 }, 11472 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11473 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11474 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11475 "intVal": 42, # The int value. 11476 "strVal": "A String", # The string value. 11477 "type": 42, # The type of the value. 11478 }, 11479 }, 11480 }, 11481 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11482 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11483 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11484 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11485 }, 11486 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 11487 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11488 "a_key": "A String", 11489 }, 11490 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 11491 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11492 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11493 }, 11494 }, 11495 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11496 "a_key": "A String", 11497 }, 11498 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 11499 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11500 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11501 }, 11502 }, 11503 }, 11504 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 11505 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 11506 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 11507 "add": [ # Added capabilities +optional 11508 "A String", 11509 ], 11510 "drop": [ # Removed capabilities +optional 11511 "A String", 11512 ], 11513 }, 11514 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 11515 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 11516 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11517 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11518 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11519 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11520 "level": "A String", # Level is SELinux level label that applies to the container. +optional 11521 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 11522 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 11523 "user": "A String", # User is a SELinux user label that applies to the container. +optional 11524 }, 11525 }, 11526 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 11527 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 11528 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 11529 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 11530 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 11531 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 11532 { # volumeDevice describes a mapping of a raw block device within a container. 11533 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 11534 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 11535 }, 11536 ], 11537 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 11538 { # VolumeMount describes a mounting of a Volume within a container. 11539 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 11540 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 11541 "name": "A String", # This must match the Name of a Volume. 11542 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 11543 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 11544 }, 11545 ], 11546 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 11547 }, 11548 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 11549 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 11550 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 11551 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11552 "A String", 11553 ], 11554 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11555 "A String", 11556 ], 11557 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 11558 { # EnvVar represents an environment variable present in a Container. 11559 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 11560 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 11561 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 11562 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 11563 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 11564 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11565 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11566 }, 11567 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 11568 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 11569 }, 11570 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 11571 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 11572 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11573 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11574 }, 11575 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 11576 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 11577 }, 11578 }, 11579 }, 11580 ], 11581 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 11582 { # EnvFromSource represents the source of a set of ConfigMaps 11583 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 11584 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11585 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11586 }, 11587 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 11588 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 11589 }, 11590 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 11591 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 11592 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11593 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11594 }, 11595 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 11596 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 11597 }, 11598 }, 11599 ], 11600 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11601 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 11602 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 11603 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11604 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11605 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11606 "A String", 11607 ], 11608 }, 11609 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11610 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11611 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11612 { # HTTPHeader describes a custom header to be used in HTTP probes 11613 "name": "A String", # The header field name 11614 "value": "A String", # The header field value 11615 }, 11616 ], 11617 "path": "A String", # Path to access on the HTTP server. +optional 11618 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11619 "intVal": 42, # The int value. 11620 "strVal": "A String", # The string value. 11621 "type": 42, # The type of the value. 11622 }, 11623 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11624 }, 11625 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11626 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11627 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11628 "intVal": 42, # The int value. 11629 "strVal": "A String", # The string value. 11630 "type": 42, # The type of the value. 11631 }, 11632 }, 11633 }, 11634 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11635 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11636 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11637 "A String", 11638 ], 11639 }, 11640 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11641 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11642 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11643 { # HTTPHeader describes a custom header to be used in HTTP probes 11644 "name": "A String", # The header field name 11645 "value": "A String", # The header field value 11646 }, 11647 ], 11648 "path": "A String", # Path to access on the HTTP server. +optional 11649 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11650 "intVal": 42, # The int value. 11651 "strVal": "A String", # The string value. 11652 "type": 42, # The type of the value. 11653 }, 11654 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11655 }, 11656 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11657 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11658 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11659 "intVal": 42, # The int value. 11660 "strVal": "A String", # The string value. 11661 "type": 42, # The type of the value. 11662 }, 11663 }, 11664 }, 11665 }, 11666 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11667 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11668 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11669 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11670 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11671 "A String", 11672 ], 11673 }, 11674 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11675 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11676 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11677 { # HTTPHeader describes a custom header to be used in HTTP probes 11678 "name": "A String", # The header field name 11679 "value": "A String", # The header field value 11680 }, 11681 ], 11682 "path": "A String", # Path to access on the HTTP server. +optional 11683 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11684 "intVal": 42, # The int value. 11685 "strVal": "A String", # The string value. 11686 "type": 42, # The type of the value. 11687 }, 11688 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11689 }, 11690 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11691 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11692 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11693 "intVal": 42, # The int value. 11694 "strVal": "A String", # The string value. 11695 "type": 42, # The type of the value. 11696 }, 11697 }, 11698 }, 11699 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11700 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11701 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11702 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11703 }, 11704 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 11705 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 11706 { # ContainerPort represents a network port in a single container. 11707 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 11708 "hostIP": "A String", # What host IP to bind the external port to. +optional 11709 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 11710 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 11711 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 11712 }, 11713 ], 11714 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11715 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 11716 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 11717 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11718 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11719 "A String", 11720 ], 11721 }, 11722 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11723 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11724 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11725 { # HTTPHeader describes a custom header to be used in HTTP probes 11726 "name": "A String", # The header field name 11727 "value": "A String", # The header field value 11728 }, 11729 ], 11730 "path": "A String", # Path to access on the HTTP server. +optional 11731 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11732 "intVal": 42, # The int value. 11733 "strVal": "A String", # The string value. 11734 "type": 42, # The type of the value. 11735 }, 11736 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11737 }, 11738 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11739 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11740 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11741 "intVal": 42, # The int value. 11742 "strVal": "A String", # The string value. 11743 "type": 42, # The type of the value. 11744 }, 11745 }, 11746 }, 11747 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11748 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 11749 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 11750 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 11751 }, 11752 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 11753 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11754 "a_key": "A String", 11755 }, 11756 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 11757 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11758 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11759 }, 11760 }, 11761 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 11762 "a_key": "A String", 11763 }, 11764 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 11765 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 11766 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 11767 }, 11768 }, 11769 }, 11770 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 11771 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 11772 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 11773 "add": [ # Added capabilities +optional 11774 "A String", 11775 ], 11776 "drop": [ # Removed capabilities +optional 11777 "A String", 11778 ], 11779 }, 11780 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 11781 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 11782 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11783 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11784 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11785 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 11786 "level": "A String", # Level is SELinux level label that applies to the container. +optional 11787 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 11788 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 11789 "user": "A String", # User is a SELinux user label that applies to the container. +optional 11790 }, 11791 }, 11792 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 11793 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 11794 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 11795 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 11796 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 11797 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 11798 { # volumeDevice describes a mapping of a raw block device within a container. 11799 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 11800 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 11801 }, 11802 ], 11803 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 11804 { # VolumeMount describes a mounting of a Volume within a container. 11805 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 11806 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 11807 "name": "A String", # This must match the Name of a Volume. 11808 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 11809 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 11810 }, 11811 ], 11812 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 11813 }, 11814 ], 11815 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 11816 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 11817 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 11818 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 11819 "volumes": [ 11820 { # Volume represents a named volume in a container. 11821 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 11822 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11823 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11824 { # Maps a string key to a path within a volume. 11825 "key": "A String", # The key to project. 11826 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11827 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11828 }, 11829 ], 11830 "name": "A String", # Name of the config. 11831 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11832 }, 11833 "name": "A String", # Volume's name. 11834 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 11835 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 11836 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 11837 { # Maps a string key to a path within a volume. 11838 "key": "A String", # The key to project. 11839 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 11840 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 11841 }, 11842 ], 11843 "optional": True or False, # Specify whether the Secret or its keys must be defined. 11844 "secretName": "A String", # Name of the secret in the container's namespace to use. 11845 }, 11846 }, 11847 ], 11848 }, 11849 }, 11850 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 11851 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 11852 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 11853 "a_key": "A String", 11854 }, 11855 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 11856 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11857 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 11858 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 11859 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 11860 "A String", 11861 ], 11862 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 11863 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 11864 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 11865 "a_key": "A String", 11866 }, 11867 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 11868 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 11869 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 11870 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 11871 "apiVersion": "A String", # API version of the referent. 11872 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 11873 "controller": True or False, # If true, this reference points to the managing controller. +optional 11874 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 11875 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 11876 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 11877 }, 11878 ], 11879 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 11880 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 11881 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 11882 }, 11883 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 11884 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 11885 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 11886 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11887 "A String", 11888 ], 11889 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 11890 "A String", 11891 ], 11892 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 11893 { # EnvVar represents an environment variable present in a Container. 11894 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 11895 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 11896 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 11897 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 11898 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 11899 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11900 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11901 }, 11902 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 11903 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 11904 }, 11905 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 11906 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 11907 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11908 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11909 }, 11910 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 11911 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 11912 }, 11913 }, 11914 }, 11915 ], 11916 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 11917 { # EnvFromSource represents the source of a set of ConfigMaps 11918 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 11919 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11920 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11921 }, 11922 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 11923 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 11924 }, 11925 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 11926 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 11927 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 11928 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 11929 }, 11930 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 11931 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 11932 }, 11933 }, 11934 ], 11935 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 11936 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 11937 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 11938 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11939 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11940 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11941 "A String", 11942 ], 11943 }, 11944 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11945 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11946 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11947 { # HTTPHeader describes a custom header to be used in HTTP probes 11948 "name": "A String", # The header field name 11949 "value": "A String", # The header field value 11950 }, 11951 ], 11952 "path": "A String", # Path to access on the HTTP server. +optional 11953 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11954 "intVal": 42, # The int value. 11955 "strVal": "A String", # The string value. 11956 "type": 42, # The type of the value. 11957 }, 11958 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11959 }, 11960 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11961 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11962 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11963 "intVal": 42, # The int value. 11964 "strVal": "A String", # The string value. 11965 "type": 42, # The type of the value. 11966 }, 11967 }, 11968 }, 11969 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 11970 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 11971 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 11972 "A String", 11973 ], 11974 }, 11975 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 11976 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 11977 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 11978 { # HTTPHeader describes a custom header to be used in HTTP probes 11979 "name": "A String", # The header field name 11980 "value": "A String", # The header field value 11981 }, 11982 ], 11983 "path": "A String", # Path to access on the HTTP server. +optional 11984 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11985 "intVal": 42, # The int value. 11986 "strVal": "A String", # The string value. 11987 "type": 42, # The type of the value. 11988 }, 11989 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 11990 }, 11991 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 11992 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 11993 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 11994 "intVal": 42, # The int value. 11995 "strVal": "A String", # The string value. 11996 "type": 42, # The type of the value. 11997 }, 11998 }, 11999 }, 12000 }, 12001 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12002 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12003 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12004 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12005 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12006 "A String", 12007 ], 12008 }, 12009 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12010 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12011 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12012 { # HTTPHeader describes a custom header to be used in HTTP probes 12013 "name": "A String", # The header field name 12014 "value": "A String", # The header field value 12015 }, 12016 ], 12017 "path": "A String", # Path to access on the HTTP server. +optional 12018 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12019 "intVal": 42, # The int value. 12020 "strVal": "A String", # The string value. 12021 "type": 42, # The type of the value. 12022 }, 12023 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12024 }, 12025 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12026 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12027 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12028 "intVal": 42, # The int value. 12029 "strVal": "A String", # The string value. 12030 "type": 42, # The type of the value. 12031 }, 12032 }, 12033 }, 12034 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12035 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12036 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12037 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12038 }, 12039 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12040 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12041 { # ContainerPort represents a network port in a single container. 12042 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12043 "hostIP": "A String", # What host IP to bind the external port to. +optional 12044 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12045 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12046 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12047 }, 12048 ], 12049 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12050 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12051 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12052 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12053 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12054 "A String", 12055 ], 12056 }, 12057 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12058 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12059 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12060 { # HTTPHeader describes a custom header to be used in HTTP probes 12061 "name": "A String", # The header field name 12062 "value": "A String", # The header field value 12063 }, 12064 ], 12065 "path": "A String", # Path to access on the HTTP server. +optional 12066 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12067 "intVal": 42, # The int value. 12068 "strVal": "A String", # The string value. 12069 "type": 42, # The type of the value. 12070 }, 12071 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12072 }, 12073 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12074 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12075 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12076 "intVal": 42, # The int value. 12077 "strVal": "A String", # The string value. 12078 "type": 42, # The type of the value. 12079 }, 12080 }, 12081 }, 12082 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12083 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12084 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12085 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12086 }, 12087 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12088 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12089 "a_key": "A String", 12090 }, 12091 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12092 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12093 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12094 }, 12095 }, 12096 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12097 "a_key": "A String", 12098 }, 12099 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12100 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12101 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12102 }, 12103 }, 12104 }, 12105 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12106 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12107 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12108 "add": [ # Added capabilities +optional 12109 "A String", 12110 ], 12111 "drop": [ # Removed capabilities +optional 12112 "A String", 12113 ], 12114 }, 12115 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12116 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12117 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12118 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12119 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12120 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12121 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12122 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12123 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12124 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12125 }, 12126 }, 12127 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12128 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12129 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12130 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12131 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12132 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12133 { # volumeDevice describes a mapping of a raw block device within a container. 12134 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12135 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12136 }, 12137 ], 12138 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12139 { # VolumeMount describes a mounting of a Volume within a container. 12140 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 12141 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 12142 "name": "A String", # This must match the Name of a Volume. 12143 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 12144 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 12145 }, 12146 ], 12147 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 12148 }, 12149 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 12150 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 12151 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 12152 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12153 "A String", 12154 ], 12155 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12156 "A String", 12157 ], 12158 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 12159 { # EnvVar represents an environment variable present in a Container. 12160 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 12161 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 12162 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 12163 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 12164 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 12165 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12166 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12167 }, 12168 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 12169 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 12170 }, 12171 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 12172 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 12173 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12174 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12175 }, 12176 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 12177 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 12178 }, 12179 }, 12180 }, 12181 ], 12182 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 12183 { # EnvFromSource represents the source of a set of ConfigMaps 12184 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 12185 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12186 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12187 }, 12188 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 12189 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 12190 }, 12191 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 12192 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 12193 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12194 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12195 }, 12196 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 12197 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 12198 }, 12199 }, 12200 ], 12201 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12202 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 12203 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 12204 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12205 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12206 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12207 "A String", 12208 ], 12209 }, 12210 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12211 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12212 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12213 { # HTTPHeader describes a custom header to be used in HTTP probes 12214 "name": "A String", # The header field name 12215 "value": "A String", # The header field value 12216 }, 12217 ], 12218 "path": "A String", # Path to access on the HTTP server. +optional 12219 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12220 "intVal": 42, # The int value. 12221 "strVal": "A String", # The string value. 12222 "type": 42, # The type of the value. 12223 }, 12224 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12225 }, 12226 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12227 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12228 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12229 "intVal": 42, # The int value. 12230 "strVal": "A String", # The string value. 12231 "type": 42, # The type of the value. 12232 }, 12233 }, 12234 }, 12235 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12236 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12237 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12238 "A String", 12239 ], 12240 }, 12241 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12242 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12243 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12244 { # HTTPHeader describes a custom header to be used in HTTP probes 12245 "name": "A String", # The header field name 12246 "value": "A String", # The header field value 12247 }, 12248 ], 12249 "path": "A String", # Path to access on the HTTP server. +optional 12250 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12251 "intVal": 42, # The int value. 12252 "strVal": "A String", # The string value. 12253 "type": 42, # The type of the value. 12254 }, 12255 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12256 }, 12257 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12258 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12259 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12260 "intVal": 42, # The int value. 12261 "strVal": "A String", # The string value. 12262 "type": 42, # The type of the value. 12263 }, 12264 }, 12265 }, 12266 }, 12267 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12268 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12269 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12270 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12271 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12272 "A String", 12273 ], 12274 }, 12275 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12276 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12277 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12278 { # HTTPHeader describes a custom header to be used in HTTP probes 12279 "name": "A String", # The header field name 12280 "value": "A String", # The header field value 12281 }, 12282 ], 12283 "path": "A String", # Path to access on the HTTP server. +optional 12284 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12285 "intVal": 42, # The int value. 12286 "strVal": "A String", # The string value. 12287 "type": 42, # The type of the value. 12288 }, 12289 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12290 }, 12291 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12292 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12293 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12294 "intVal": 42, # The int value. 12295 "strVal": "A String", # The string value. 12296 "type": 42, # The type of the value. 12297 }, 12298 }, 12299 }, 12300 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12301 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12302 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12303 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12304 }, 12305 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12306 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12307 { # ContainerPort represents a network port in a single container. 12308 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12309 "hostIP": "A String", # What host IP to bind the external port to. +optional 12310 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12311 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12312 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12313 }, 12314 ], 12315 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12316 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12317 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12318 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12319 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12320 "A String", 12321 ], 12322 }, 12323 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12324 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12325 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12326 { # HTTPHeader describes a custom header to be used in HTTP probes 12327 "name": "A String", # The header field name 12328 "value": "A String", # The header field value 12329 }, 12330 ], 12331 "path": "A String", # Path to access on the HTTP server. +optional 12332 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12333 "intVal": 42, # The int value. 12334 "strVal": "A String", # The string value. 12335 "type": 42, # The type of the value. 12336 }, 12337 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12338 }, 12339 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12340 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12341 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12342 "intVal": 42, # The int value. 12343 "strVal": "A String", # The string value. 12344 "type": 42, # The type of the value. 12345 }, 12346 }, 12347 }, 12348 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12349 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12350 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12351 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12352 }, 12353 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12354 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12355 "a_key": "A String", 12356 }, 12357 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12358 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12359 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12360 }, 12361 }, 12362 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12363 "a_key": "A String", 12364 }, 12365 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12366 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12367 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12368 }, 12369 }, 12370 }, 12371 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12372 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12373 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12374 "add": [ # Added capabilities +optional 12375 "A String", 12376 ], 12377 "drop": [ # Removed capabilities +optional 12378 "A String", 12379 ], 12380 }, 12381 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12382 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12383 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12384 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12385 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12386 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12387 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12388 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12389 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12390 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12391 }, 12392 }, 12393 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12394 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12395 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12396 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12397 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12398 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12399 { # volumeDevice describes a mapping of a raw block device within a container. 12400 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12401 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12402 }, 12403 ], 12404 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12405 { # VolumeMount describes a mounting of a Volume within a container. 12406 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 12407 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 12408 "name": "A String", # This must match the Name of a Volume. 12409 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 12410 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 12411 }, 12412 ], 12413 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 12414 }, 12415 ], 12416 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 12417 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 12418 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 12419 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 12420 "volumes": [ 12421 { # Volume represents a named volume in a container. 12422 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 12423 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 12424 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 12425 { # Maps a string key to a path within a volume. 12426 "key": "A String", # The key to project. 12427 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 12428 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 12429 }, 12430 ], 12431 "name": "A String", # Name of the config. 12432 "optional": True or False, # Specify whether the Secret or its keys must be defined. 12433 }, 12434 "name": "A String", # Volume's name. 12435 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 12436 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 12437 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 12438 { # Maps a string key to a path within a volume. 12439 "key": "A String", # The key to project. 12440 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 12441 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 12442 }, 12443 ], 12444 "optional": True or False, # Specify whether the Secret or its keys must be defined. 12445 "secretName": "A String", # Name of the secret in the container's namespace to use. 12446 }, 12447 }, 12448 ], 12449 }, 12450 }, 12451 }, 12452 }, 12453 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 12454 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 12455 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 12456 "a_key": "A String", 12457 }, 12458 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 12459 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 12460 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 12461 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 12462 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 12463 "A String", 12464 ], 12465 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 12466 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 12467 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 12468 "a_key": "A String", 12469 }, 12470 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 12471 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 12472 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 12473 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 12474 "apiVersion": "A String", # API version of the referent. 12475 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 12476 "controller": True or False, # If true, this reference points to the managing controller. +optional 12477 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 12478 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 12479 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 12480 }, 12481 ], 12482 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 12483 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 12484 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 12485 }, 12486 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 12487 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 12488 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 12489 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12490 "A String", 12491 ], 12492 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12493 "A String", 12494 ], 12495 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 12496 { # EnvVar represents an environment variable present in a Container. 12497 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 12498 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 12499 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 12500 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 12501 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 12502 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12503 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12504 }, 12505 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 12506 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 12507 }, 12508 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 12509 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 12510 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12511 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12512 }, 12513 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 12514 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 12515 }, 12516 }, 12517 }, 12518 ], 12519 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 12520 { # EnvFromSource represents the source of a set of ConfigMaps 12521 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 12522 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12523 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12524 }, 12525 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 12526 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 12527 }, 12528 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 12529 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 12530 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12531 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12532 }, 12533 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 12534 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 12535 }, 12536 }, 12537 ], 12538 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12539 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 12540 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 12541 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12542 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12543 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12544 "A String", 12545 ], 12546 }, 12547 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12548 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12549 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12550 { # HTTPHeader describes a custom header to be used in HTTP probes 12551 "name": "A String", # The header field name 12552 "value": "A String", # The header field value 12553 }, 12554 ], 12555 "path": "A String", # Path to access on the HTTP server. +optional 12556 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12557 "intVal": 42, # The int value. 12558 "strVal": "A String", # The string value. 12559 "type": 42, # The type of the value. 12560 }, 12561 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12562 }, 12563 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12564 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12565 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12566 "intVal": 42, # The int value. 12567 "strVal": "A String", # The string value. 12568 "type": 42, # The type of the value. 12569 }, 12570 }, 12571 }, 12572 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12573 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12574 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12575 "A String", 12576 ], 12577 }, 12578 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12579 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12580 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12581 { # HTTPHeader describes a custom header to be used in HTTP probes 12582 "name": "A String", # The header field name 12583 "value": "A String", # The header field value 12584 }, 12585 ], 12586 "path": "A String", # Path to access on the HTTP server. +optional 12587 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12588 "intVal": 42, # The int value. 12589 "strVal": "A String", # The string value. 12590 "type": 42, # The type of the value. 12591 }, 12592 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12593 }, 12594 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12595 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12596 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12597 "intVal": 42, # The int value. 12598 "strVal": "A String", # The string value. 12599 "type": 42, # The type of the value. 12600 }, 12601 }, 12602 }, 12603 }, 12604 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12605 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12606 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12607 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12608 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12609 "A String", 12610 ], 12611 }, 12612 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12613 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12614 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12615 { # HTTPHeader describes a custom header to be used in HTTP probes 12616 "name": "A String", # The header field name 12617 "value": "A String", # The header field value 12618 }, 12619 ], 12620 "path": "A String", # Path to access on the HTTP server. +optional 12621 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12622 "intVal": 42, # The int value. 12623 "strVal": "A String", # The string value. 12624 "type": 42, # The type of the value. 12625 }, 12626 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12627 }, 12628 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12629 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12630 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12631 "intVal": 42, # The int value. 12632 "strVal": "A String", # The string value. 12633 "type": 42, # The type of the value. 12634 }, 12635 }, 12636 }, 12637 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12638 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12639 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12640 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12641 }, 12642 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12643 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12644 { # ContainerPort represents a network port in a single container. 12645 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12646 "hostIP": "A String", # What host IP to bind the external port to. +optional 12647 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12648 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12649 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12650 }, 12651 ], 12652 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12653 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12654 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12655 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12656 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12657 "A String", 12658 ], 12659 }, 12660 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12661 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12662 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12663 { # HTTPHeader describes a custom header to be used in HTTP probes 12664 "name": "A String", # The header field name 12665 "value": "A String", # The header field value 12666 }, 12667 ], 12668 "path": "A String", # Path to access on the HTTP server. +optional 12669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12670 "intVal": 42, # The int value. 12671 "strVal": "A String", # The string value. 12672 "type": 42, # The type of the value. 12673 }, 12674 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12675 }, 12676 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12677 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12678 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12679 "intVal": 42, # The int value. 12680 "strVal": "A String", # The string value. 12681 "type": 42, # The type of the value. 12682 }, 12683 }, 12684 }, 12685 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12686 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12687 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12688 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12689 }, 12690 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12691 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12692 "a_key": "A String", 12693 }, 12694 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12695 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12696 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12697 }, 12698 }, 12699 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12700 "a_key": "A String", 12701 }, 12702 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12703 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12704 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12705 }, 12706 }, 12707 }, 12708 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12709 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12710 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12711 "add": [ # Added capabilities +optional 12712 "A String", 12713 ], 12714 "drop": [ # Removed capabilities +optional 12715 "A String", 12716 ], 12717 }, 12718 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12719 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12720 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12721 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12722 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12723 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12724 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12725 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12726 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12727 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12728 }, 12729 }, 12730 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12731 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12732 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12733 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 12734 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 12735 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 12736 { # volumeDevice describes a mapping of a raw block device within a container. 12737 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 12738 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 12739 }, 12740 ], 12741 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 12742 { # VolumeMount describes a mounting of a Volume within a container. 12743 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 12744 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 12745 "name": "A String", # This must match the Name of a Volume. 12746 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 12747 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 12748 }, 12749 ], 12750 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 12751 }, 12752 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 12753 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 12754 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 12755 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12756 "A String", 12757 ], 12758 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 12759 "A String", 12760 ], 12761 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 12762 { # EnvVar represents an environment variable present in a Container. 12763 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 12764 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 12765 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 12766 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 12767 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 12768 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12769 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12770 }, 12771 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 12772 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 12773 }, 12774 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 12775 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 12776 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12777 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12778 }, 12779 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 12780 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 12781 }, 12782 }, 12783 }, 12784 ], 12785 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 12786 { # EnvFromSource represents the source of a set of ConfigMaps 12787 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 12788 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12789 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12790 }, 12791 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 12792 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 12793 }, 12794 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 12795 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 12796 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 12797 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 12798 }, 12799 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 12800 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 12801 }, 12802 }, 12803 ], 12804 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 12805 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 12806 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 12807 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12808 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12809 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12810 "A String", 12811 ], 12812 }, 12813 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12814 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12815 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12816 { # HTTPHeader describes a custom header to be used in HTTP probes 12817 "name": "A String", # The header field name 12818 "value": "A String", # The header field value 12819 }, 12820 ], 12821 "path": "A String", # Path to access on the HTTP server. +optional 12822 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12823 "intVal": 42, # The int value. 12824 "strVal": "A String", # The string value. 12825 "type": 42, # The type of the value. 12826 }, 12827 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12828 }, 12829 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12830 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12831 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12832 "intVal": 42, # The int value. 12833 "strVal": "A String", # The string value. 12834 "type": 42, # The type of the value. 12835 }, 12836 }, 12837 }, 12838 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 12839 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12840 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12841 "A String", 12842 ], 12843 }, 12844 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12845 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12846 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12847 { # HTTPHeader describes a custom header to be used in HTTP probes 12848 "name": "A String", # The header field name 12849 "value": "A String", # The header field value 12850 }, 12851 ], 12852 "path": "A String", # Path to access on the HTTP server. +optional 12853 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12854 "intVal": 42, # The int value. 12855 "strVal": "A String", # The string value. 12856 "type": 42, # The type of the value. 12857 }, 12858 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12859 }, 12860 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12861 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12862 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12863 "intVal": 42, # The int value. 12864 "strVal": "A String", # The string value. 12865 "type": 42, # The type of the value. 12866 }, 12867 }, 12868 }, 12869 }, 12870 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12871 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12872 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12873 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12874 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12875 "A String", 12876 ], 12877 }, 12878 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12879 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12880 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12881 { # HTTPHeader describes a custom header to be used in HTTP probes 12882 "name": "A String", # The header field name 12883 "value": "A String", # The header field value 12884 }, 12885 ], 12886 "path": "A String", # Path to access on the HTTP server. +optional 12887 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12888 "intVal": 42, # The int value. 12889 "strVal": "A String", # The string value. 12890 "type": 42, # The type of the value. 12891 }, 12892 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12893 }, 12894 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12895 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12896 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12897 "intVal": 42, # The int value. 12898 "strVal": "A String", # The string value. 12899 "type": 42, # The type of the value. 12900 }, 12901 }, 12902 }, 12903 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12904 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12905 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12906 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12907 }, 12908 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 12909 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 12910 { # ContainerPort represents a network port in a single container. 12911 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 12912 "hostIP": "A String", # What host IP to bind the external port to. +optional 12913 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 12914 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 12915 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 12916 }, 12917 ], 12918 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12919 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 12920 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 12921 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 12922 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 12923 "A String", 12924 ], 12925 }, 12926 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 12927 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 12928 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 12929 { # HTTPHeader describes a custom header to be used in HTTP probes 12930 "name": "A String", # The header field name 12931 "value": "A String", # The header field value 12932 }, 12933 ], 12934 "path": "A String", # Path to access on the HTTP server. +optional 12935 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12936 "intVal": 42, # The int value. 12937 "strVal": "A String", # The string value. 12938 "type": 42, # The type of the value. 12939 }, 12940 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 12941 }, 12942 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 12943 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 12944 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 12945 "intVal": 42, # The int value. 12946 "strVal": "A String", # The string value. 12947 "type": 42, # The type of the value. 12948 }, 12949 }, 12950 }, 12951 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12952 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 12953 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 12954 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 12955 }, 12956 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 12957 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12958 "a_key": "A String", 12959 }, 12960 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 12961 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12962 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12963 }, 12964 }, 12965 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 12966 "a_key": "A String", 12967 }, 12968 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 12969 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 12970 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 12971 }, 12972 }, 12973 }, 12974 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 12975 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 12976 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 12977 "add": [ # Added capabilities +optional 12978 "A String", 12979 ], 12980 "drop": [ # Removed capabilities +optional 12981 "A String", 12982 ], 12983 }, 12984 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 12985 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 12986 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12987 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12988 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12989 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 12990 "level": "A String", # Level is SELinux level label that applies to the container. +optional 12991 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 12992 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 12993 "user": "A String", # User is a SELinux user label that applies to the container. +optional 12994 }, 12995 }, 12996 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 12997 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 12998 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 12999 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 13000 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 13001 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 13002 { # volumeDevice describes a mapping of a raw block device within a container. 13003 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 13004 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 13005 }, 13006 ], 13007 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 13008 { # VolumeMount describes a mounting of a Volume within a container. 13009 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 13010 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 13011 "name": "A String", # This must match the Name of a Volume. 13012 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 13013 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 13014 }, 13015 ], 13016 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 13017 }, 13018 ], 13019 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13020 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 13021 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 13022 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 13023 "volumes": [ 13024 { # Volume represents a named volume in a container. 13025 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 13026 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13027 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13028 { # Maps a string key to a path within a volume. 13029 "key": "A String", # The key to project. 13030 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13031 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13032 }, 13033 ], 13034 "name": "A String", # Name of the config. 13035 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13036 }, 13037 "name": "A String", # Volume's name. 13038 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 13039 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13040 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13041 { # Maps a string key to a path within a volume. 13042 "key": "A String", # The key to project. 13043 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13044 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13045 }, 13046 ], 13047 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13048 "secretName": "A String", # Name of the secret in the container's namespace to use. 13049 }, 13050 }, 13051 ], 13052 }, 13053 }, 13054 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 13055 { # TrafficTarget holds a single entry of the routing table for a Route. 13056 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 13057 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 13058 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 13059 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 13060 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 13061 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 13062 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 13063 }, 13064 ], 13065 }, 13066 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 13067 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 13068 "hostname": "A String", # Deprecated - use url instead. 13069 "url": "A String", 13070 }, 13071 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 13072 { # ServiceCondition defines a readiness condition for a Service. 13073 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 13074 "message": "A String", # Human-readable message indicating details about last transition. +optional 13075 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 13076 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 13077 "status": "A String", # Status of the condition, one of True, False, Unknown. 13078 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 13079 }, 13080 ], 13081 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 13082 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 13083 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 13084 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 13085 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 13086 { # TrafficTarget holds a single entry of the routing table for a Route. 13087 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 13088 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 13089 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 13090 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 13091 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 13092 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 13093 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 13094 }, 13095 ], 13096 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 13097 }, 13098}</pre> 13099</div> 13100 13101<div class="method"> 13102 <code class="details" id="getIamPolicy">getIamPolicy(resource, options_requestedPolicyVersion=None, x__xgafv=None)</code> 13103 <pre>Get the IAM Access Control policy currently in effect for the given Cloud Run service. This result does not include any inherited policies. 13104 13105Args: 13106 resource: string, REQUIRED: The resource for which the policy is being requested. See the operation documentation for the appropriate value for this field. (required) 13107 options_requestedPolicyVersion: integer, Optional. The policy format version to be returned. Valid values are 0, 1, and 3. Requests specifying an invalid value will be rejected. Requests for policies with any conditional bindings must specify version 3. Policies without any conditional bindings may specify any valid value or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 13108 x__xgafv: string, V1 error format. 13109 Allowed values 13110 1 - v1 error format 13111 2 - v2 error format 13112 13113Returns: 13114 An object of the form: 13115 13116 { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:[email protected]", "group:[email protected]", "domain:google.com", "serviceAccount:[email protected]" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:[email protected]" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:[email protected] - group:[email protected] - domain:google.com - serviceAccount:[email protected] role: roles/resourcemanager.organizationAdmin - members: - user:[email protected] role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). 13117 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 13118 { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:[email protected]" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts [email protected] from DATA_READ logging, and [email protected] from DATA_WRITE logging. 13119 "auditLogConfigs": [ # The configuration for logging of each type of permission. 13120 { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging. 13121 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. 13122 "A String", 13123 ], 13124 "logType": "A String", # The log type that this config enables. 13125 }, 13126 ], 13127 "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. 13128 }, 13129 ], 13130 "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. 13131 { # Associates `members` with a `role`. 13132 "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 13133 "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. 13134 "expression": "A String", # Textual representation of an expression in Common Expression Language syntax. 13135 "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. 13136 "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. 13137 }, 13138 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `[email protected]`. * `group:{emailid}`: An email address that represents a Google group. For example, `[email protected]`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. 13139 "A String", 13140 ], 13141 "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 13142 }, 13143 ], 13144 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. 13145 "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 13146}</pre> 13147</div> 13148 13149<div class="method"> 13150 <code class="details" id="list">list(parent, continue=None, fieldSelector=None, includeUninitialized=None, labelSelector=None, limit=None, resourceVersion=None, watch=None, x__xgafv=None)</code> 13151 <pre>Rpc to list services. 13152 13153Args: 13154 parent: string, The project ID or project number from which the services should be listed. (required) 13155 continue: string, Optional encoded string to continue paging. 13156 fieldSelector: string, Allows to filter resources based on a specific value for a field name. Send this in a query string format. i.e. 'metadata.name%3Dlorem'. Not currently used by Cloud Run. 13157 includeUninitialized: boolean, Not currently used by Cloud Run. 13158 labelSelector: string, Allows to filter resources based on a label. Supported operations are =, !=, exists, in, and notIn. 13159 limit: integer, The maximum number of records that should be returned. 13160 resourceVersion: string, The baseline resource version from which the list or watch operation should start. Not currently used by Cloud Run. 13161 watch: boolean, Flag that indicates that the client expects to watch this resource as well. Not currently used by Cloud Run. 13162 x__xgafv: string, V1 error format. 13163 Allowed values 13164 1 - v1 error format 13165 2 - v2 error format 13166 13167Returns: 13168 An object of the form: 13169 13170 { # A list of Service resources. 13171 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 13172 "items": [ # List of Services. 13173 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 13174 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 13175 "kind": "A String", # The kind of resource, in this case "Service". 13176 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 13177 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 13178 "a_key": "A String", 13179 }, 13180 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 13181 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13182 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 13183 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13184 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 13185 "A String", 13186 ], 13187 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 13188 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 13189 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 13190 "a_key": "A String", 13191 }, 13192 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 13193 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 13194 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 13195 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 13196 "apiVersion": "A String", # API version of the referent. 13197 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 13198 "controller": True or False, # If true, this reference points to the managing controller. +optional 13199 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 13200 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 13201 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 13202 }, 13203 ], 13204 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 13205 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 13206 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 13207 }, 13208 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 13209 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13210 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 13211 }, 13212 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 13213 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 13214 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13215 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 13216 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 13217 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 13218 "a_key": "A String", 13219 }, 13220 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 13221 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13222 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 13223 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13224 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 13225 "A String", 13226 ], 13227 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 13228 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 13229 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 13230 "a_key": "A String", 13231 }, 13232 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 13233 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 13234 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 13235 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 13236 "apiVersion": "A String", # API version of the referent. 13237 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 13238 "controller": True or False, # If true, this reference points to the managing controller. +optional 13239 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 13240 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 13241 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 13242 }, 13243 ], 13244 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 13245 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 13246 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 13247 }, 13248 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 13249 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 13250 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 13251 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13252 "A String", 13253 ], 13254 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13255 "A String", 13256 ], 13257 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 13258 { # EnvVar represents an environment variable present in a Container. 13259 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 13260 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 13261 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 13262 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 13263 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 13264 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13265 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13266 }, 13267 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 13268 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 13269 }, 13270 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 13271 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 13272 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13273 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13274 }, 13275 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 13276 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 13277 }, 13278 }, 13279 }, 13280 ], 13281 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 13282 { # EnvFromSource represents the source of a set of ConfigMaps 13283 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 13284 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13285 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13286 }, 13287 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 13288 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 13289 }, 13290 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 13291 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 13292 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13293 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13294 }, 13295 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 13296 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 13297 }, 13298 }, 13299 ], 13300 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13301 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 13302 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 13303 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13304 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13305 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13306 "A String", 13307 ], 13308 }, 13309 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13310 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13311 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13312 { # HTTPHeader describes a custom header to be used in HTTP probes 13313 "name": "A String", # The header field name 13314 "value": "A String", # The header field value 13315 }, 13316 ], 13317 "path": "A String", # Path to access on the HTTP server. +optional 13318 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13319 "intVal": 42, # The int value. 13320 "strVal": "A String", # The string value. 13321 "type": 42, # The type of the value. 13322 }, 13323 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13324 }, 13325 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13326 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13327 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13328 "intVal": 42, # The int value. 13329 "strVal": "A String", # The string value. 13330 "type": 42, # The type of the value. 13331 }, 13332 }, 13333 }, 13334 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13335 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13336 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13337 "A String", 13338 ], 13339 }, 13340 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13341 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13342 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13343 { # HTTPHeader describes a custom header to be used in HTTP probes 13344 "name": "A String", # The header field name 13345 "value": "A String", # The header field value 13346 }, 13347 ], 13348 "path": "A String", # Path to access on the HTTP server. +optional 13349 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13350 "intVal": 42, # The int value. 13351 "strVal": "A String", # The string value. 13352 "type": 42, # The type of the value. 13353 }, 13354 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13355 }, 13356 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13357 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13358 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13359 "intVal": 42, # The int value. 13360 "strVal": "A String", # The string value. 13361 "type": 42, # The type of the value. 13362 }, 13363 }, 13364 }, 13365 }, 13366 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13367 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13368 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13369 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13370 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13371 "A String", 13372 ], 13373 }, 13374 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13375 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13376 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13377 { # HTTPHeader describes a custom header to be used in HTTP probes 13378 "name": "A String", # The header field name 13379 "value": "A String", # The header field value 13380 }, 13381 ], 13382 "path": "A String", # Path to access on the HTTP server. +optional 13383 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13384 "intVal": 42, # The int value. 13385 "strVal": "A String", # The string value. 13386 "type": 42, # The type of the value. 13387 }, 13388 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13389 }, 13390 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13391 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13392 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13393 "intVal": 42, # The int value. 13394 "strVal": "A String", # The string value. 13395 "type": 42, # The type of the value. 13396 }, 13397 }, 13398 }, 13399 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13400 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13401 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13402 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13403 }, 13404 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 13405 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 13406 { # ContainerPort represents a network port in a single container. 13407 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 13408 "hostIP": "A String", # What host IP to bind the external port to. +optional 13409 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 13410 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 13411 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 13412 }, 13413 ], 13414 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13415 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13416 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13417 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13418 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13419 "A String", 13420 ], 13421 }, 13422 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13423 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13424 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13425 { # HTTPHeader describes a custom header to be used in HTTP probes 13426 "name": "A String", # The header field name 13427 "value": "A String", # The header field value 13428 }, 13429 ], 13430 "path": "A String", # Path to access on the HTTP server. +optional 13431 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13432 "intVal": 42, # The int value. 13433 "strVal": "A String", # The string value. 13434 "type": 42, # The type of the value. 13435 }, 13436 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13437 }, 13438 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13439 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13440 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13441 "intVal": 42, # The int value. 13442 "strVal": "A String", # The string value. 13443 "type": 42, # The type of the value. 13444 }, 13445 }, 13446 }, 13447 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13448 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13449 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13450 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13451 }, 13452 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 13453 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13454 "a_key": "A String", 13455 }, 13456 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 13457 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13458 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13459 }, 13460 }, 13461 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13462 "a_key": "A String", 13463 }, 13464 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 13465 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13466 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13467 }, 13468 }, 13469 }, 13470 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 13471 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 13472 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 13473 "add": [ # Added capabilities +optional 13474 "A String", 13475 ], 13476 "drop": [ # Removed capabilities +optional 13477 "A String", 13478 ], 13479 }, 13480 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 13481 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 13482 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13483 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13484 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13485 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13486 "level": "A String", # Level is SELinux level label that applies to the container. +optional 13487 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 13488 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 13489 "user": "A String", # User is a SELinux user label that applies to the container. +optional 13490 }, 13491 }, 13492 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 13493 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 13494 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 13495 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 13496 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 13497 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 13498 { # volumeDevice describes a mapping of a raw block device within a container. 13499 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 13500 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 13501 }, 13502 ], 13503 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 13504 { # VolumeMount describes a mounting of a Volume within a container. 13505 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 13506 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 13507 "name": "A String", # This must match the Name of a Volume. 13508 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 13509 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 13510 }, 13511 ], 13512 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 13513 }, 13514 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 13515 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 13516 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 13517 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13518 "A String", 13519 ], 13520 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13521 "A String", 13522 ], 13523 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 13524 { # EnvVar represents an environment variable present in a Container. 13525 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 13526 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 13527 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 13528 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 13529 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 13530 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13531 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13532 }, 13533 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 13534 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 13535 }, 13536 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 13537 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 13538 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13539 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13540 }, 13541 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 13542 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 13543 }, 13544 }, 13545 }, 13546 ], 13547 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 13548 { # EnvFromSource represents the source of a set of ConfigMaps 13549 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 13550 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13551 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13552 }, 13553 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 13554 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 13555 }, 13556 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 13557 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 13558 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13559 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13560 }, 13561 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 13562 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 13563 }, 13564 }, 13565 ], 13566 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13567 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 13568 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 13569 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13570 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13571 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13572 "A String", 13573 ], 13574 }, 13575 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13576 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13577 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13578 { # HTTPHeader describes a custom header to be used in HTTP probes 13579 "name": "A String", # The header field name 13580 "value": "A String", # The header field value 13581 }, 13582 ], 13583 "path": "A String", # Path to access on the HTTP server. +optional 13584 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13585 "intVal": 42, # The int value. 13586 "strVal": "A String", # The string value. 13587 "type": 42, # The type of the value. 13588 }, 13589 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13590 }, 13591 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13592 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13593 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13594 "intVal": 42, # The int value. 13595 "strVal": "A String", # The string value. 13596 "type": 42, # The type of the value. 13597 }, 13598 }, 13599 }, 13600 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13601 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13602 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13603 "A String", 13604 ], 13605 }, 13606 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13607 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13608 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13609 { # HTTPHeader describes a custom header to be used in HTTP probes 13610 "name": "A String", # The header field name 13611 "value": "A String", # The header field value 13612 }, 13613 ], 13614 "path": "A String", # Path to access on the HTTP server. +optional 13615 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13616 "intVal": 42, # The int value. 13617 "strVal": "A String", # The string value. 13618 "type": 42, # The type of the value. 13619 }, 13620 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13621 }, 13622 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13623 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13624 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13625 "intVal": 42, # The int value. 13626 "strVal": "A String", # The string value. 13627 "type": 42, # The type of the value. 13628 }, 13629 }, 13630 }, 13631 }, 13632 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13633 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13634 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13635 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13636 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13637 "A String", 13638 ], 13639 }, 13640 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13641 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13642 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13643 { # HTTPHeader describes a custom header to be used in HTTP probes 13644 "name": "A String", # The header field name 13645 "value": "A String", # The header field value 13646 }, 13647 ], 13648 "path": "A String", # Path to access on the HTTP server. +optional 13649 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13650 "intVal": 42, # The int value. 13651 "strVal": "A String", # The string value. 13652 "type": 42, # The type of the value. 13653 }, 13654 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13655 }, 13656 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13657 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13658 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13659 "intVal": 42, # The int value. 13660 "strVal": "A String", # The string value. 13661 "type": 42, # The type of the value. 13662 }, 13663 }, 13664 }, 13665 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13666 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13667 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13668 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13669 }, 13670 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 13671 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 13672 { # ContainerPort represents a network port in a single container. 13673 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 13674 "hostIP": "A String", # What host IP to bind the external port to. +optional 13675 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 13676 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 13677 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 13678 }, 13679 ], 13680 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13681 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13682 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13683 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13684 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13685 "A String", 13686 ], 13687 }, 13688 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13689 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13690 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13691 { # HTTPHeader describes a custom header to be used in HTTP probes 13692 "name": "A String", # The header field name 13693 "value": "A String", # The header field value 13694 }, 13695 ], 13696 "path": "A String", # Path to access on the HTTP server. +optional 13697 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13698 "intVal": 42, # The int value. 13699 "strVal": "A String", # The string value. 13700 "type": 42, # The type of the value. 13701 }, 13702 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13703 }, 13704 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13705 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13706 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13707 "intVal": 42, # The int value. 13708 "strVal": "A String", # The string value. 13709 "type": 42, # The type of the value. 13710 }, 13711 }, 13712 }, 13713 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13714 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 13715 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 13716 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13717 }, 13718 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 13719 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13720 "a_key": "A String", 13721 }, 13722 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 13723 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13724 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13725 }, 13726 }, 13727 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 13728 "a_key": "A String", 13729 }, 13730 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 13731 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 13732 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 13733 }, 13734 }, 13735 }, 13736 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 13737 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 13738 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 13739 "add": [ # Added capabilities +optional 13740 "A String", 13741 ], 13742 "drop": [ # Removed capabilities +optional 13743 "A String", 13744 ], 13745 }, 13746 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 13747 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 13748 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13749 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13750 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13751 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 13752 "level": "A String", # Level is SELinux level label that applies to the container. +optional 13753 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 13754 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 13755 "user": "A String", # User is a SELinux user label that applies to the container. +optional 13756 }, 13757 }, 13758 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 13759 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 13760 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 13761 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 13762 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 13763 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 13764 { # volumeDevice describes a mapping of a raw block device within a container. 13765 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 13766 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 13767 }, 13768 ], 13769 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 13770 { # VolumeMount describes a mounting of a Volume within a container. 13771 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 13772 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 13773 "name": "A String", # This must match the Name of a Volume. 13774 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 13775 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 13776 }, 13777 ], 13778 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 13779 }, 13780 ], 13781 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 13782 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 13783 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 13784 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 13785 "volumes": [ 13786 { # Volume represents a named volume in a container. 13787 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 13788 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13789 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13790 { # Maps a string key to a path within a volume. 13791 "key": "A String", # The key to project. 13792 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13793 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13794 }, 13795 ], 13796 "name": "A String", # Name of the config. 13797 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13798 }, 13799 "name": "A String", # Volume's name. 13800 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 13801 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 13802 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 13803 { # Maps a string key to a path within a volume. 13804 "key": "A String", # The key to project. 13805 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 13806 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 13807 }, 13808 ], 13809 "optional": True or False, # Specify whether the Secret or its keys must be defined. 13810 "secretName": "A String", # Name of the secret in the container's namespace to use. 13811 }, 13812 }, 13813 ], 13814 }, 13815 }, 13816 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 13817 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 13818 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 13819 "a_key": "A String", 13820 }, 13821 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 13822 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13823 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 13824 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 13825 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 13826 "A String", 13827 ], 13828 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 13829 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 13830 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 13831 "a_key": "A String", 13832 }, 13833 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 13834 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 13835 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 13836 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 13837 "apiVersion": "A String", # API version of the referent. 13838 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 13839 "controller": True or False, # If true, this reference points to the managing controller. +optional 13840 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 13841 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 13842 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 13843 }, 13844 ], 13845 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 13846 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 13847 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 13848 }, 13849 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 13850 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 13851 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 13852 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13853 "A String", 13854 ], 13855 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 13856 "A String", 13857 ], 13858 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 13859 { # EnvVar represents an environment variable present in a Container. 13860 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 13861 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 13862 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 13863 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 13864 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 13865 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13866 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13867 }, 13868 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 13869 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 13870 }, 13871 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 13872 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 13873 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13874 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13875 }, 13876 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 13877 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 13878 }, 13879 }, 13880 }, 13881 ], 13882 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 13883 { # EnvFromSource represents the source of a set of ConfigMaps 13884 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 13885 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13886 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13887 }, 13888 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 13889 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 13890 }, 13891 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 13892 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 13893 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 13894 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 13895 }, 13896 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 13897 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 13898 }, 13899 }, 13900 ], 13901 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 13902 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 13903 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 13904 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13905 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13906 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13907 "A String", 13908 ], 13909 }, 13910 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13911 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13912 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13913 { # HTTPHeader describes a custom header to be used in HTTP probes 13914 "name": "A String", # The header field name 13915 "value": "A String", # The header field value 13916 }, 13917 ], 13918 "path": "A String", # Path to access on the HTTP server. +optional 13919 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13920 "intVal": 42, # The int value. 13921 "strVal": "A String", # The string value. 13922 "type": 42, # The type of the value. 13923 }, 13924 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13925 }, 13926 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13927 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13928 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13929 "intVal": 42, # The int value. 13930 "strVal": "A String", # The string value. 13931 "type": 42, # The type of the value. 13932 }, 13933 }, 13934 }, 13935 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 13936 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13937 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13938 "A String", 13939 ], 13940 }, 13941 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13942 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13943 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13944 { # HTTPHeader describes a custom header to be used in HTTP probes 13945 "name": "A String", # The header field name 13946 "value": "A String", # The header field value 13947 }, 13948 ], 13949 "path": "A String", # Path to access on the HTTP server. +optional 13950 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13951 "intVal": 42, # The int value. 13952 "strVal": "A String", # The string value. 13953 "type": 42, # The type of the value. 13954 }, 13955 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13956 }, 13957 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13958 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13959 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13960 "intVal": 42, # The int value. 13961 "strVal": "A String", # The string value. 13962 "type": 42, # The type of the value. 13963 }, 13964 }, 13965 }, 13966 }, 13967 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 13968 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 13969 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 13970 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 13971 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 13972 "A String", 13973 ], 13974 }, 13975 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 13976 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 13977 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 13978 { # HTTPHeader describes a custom header to be used in HTTP probes 13979 "name": "A String", # The header field name 13980 "value": "A String", # The header field value 13981 }, 13982 ], 13983 "path": "A String", # Path to access on the HTTP server. +optional 13984 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13985 "intVal": 42, # The int value. 13986 "strVal": "A String", # The string value. 13987 "type": 42, # The type of the value. 13988 }, 13989 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 13990 }, 13991 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 13992 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 13993 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 13994 "intVal": 42, # The int value. 13995 "strVal": "A String", # The string value. 13996 "type": 42, # The type of the value. 13997 }, 13998 }, 13999 }, 14000 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14001 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14002 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14003 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14004 }, 14005 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14006 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14007 { # ContainerPort represents a network port in a single container. 14008 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14009 "hostIP": "A String", # What host IP to bind the external port to. +optional 14010 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14011 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14012 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14013 }, 14014 ], 14015 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14016 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14017 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14018 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14019 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14020 "A String", 14021 ], 14022 }, 14023 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14024 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14025 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14026 { # HTTPHeader describes a custom header to be used in HTTP probes 14027 "name": "A String", # The header field name 14028 "value": "A String", # The header field value 14029 }, 14030 ], 14031 "path": "A String", # Path to access on the HTTP server. +optional 14032 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14033 "intVal": 42, # The int value. 14034 "strVal": "A String", # The string value. 14035 "type": 42, # The type of the value. 14036 }, 14037 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14038 }, 14039 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14040 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14041 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14042 "intVal": 42, # The int value. 14043 "strVal": "A String", # The string value. 14044 "type": 42, # The type of the value. 14045 }, 14046 }, 14047 }, 14048 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14049 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14050 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14051 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14052 }, 14053 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14054 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14055 "a_key": "A String", 14056 }, 14057 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14058 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14059 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14060 }, 14061 }, 14062 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14063 "a_key": "A String", 14064 }, 14065 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14066 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14067 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14068 }, 14069 }, 14070 }, 14071 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14072 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14073 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14074 "add": [ # Added capabilities +optional 14075 "A String", 14076 ], 14077 "drop": [ # Removed capabilities +optional 14078 "A String", 14079 ], 14080 }, 14081 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14082 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14083 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14084 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14085 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14086 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14087 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14088 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14089 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14090 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14091 }, 14092 }, 14093 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14094 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14095 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14096 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14097 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14098 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14099 { # volumeDevice describes a mapping of a raw block device within a container. 14100 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14101 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14102 }, 14103 ], 14104 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14105 { # VolumeMount describes a mounting of a Volume within a container. 14106 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14107 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14108 "name": "A String", # This must match the Name of a Volume. 14109 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14110 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14111 }, 14112 ], 14113 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14114 }, 14115 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 14116 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 14117 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 14118 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14119 "A String", 14120 ], 14121 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14122 "A String", 14123 ], 14124 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 14125 { # EnvVar represents an environment variable present in a Container. 14126 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 14127 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 14128 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 14129 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 14130 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 14131 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14132 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14133 }, 14134 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 14135 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 14136 }, 14137 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 14138 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 14139 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14140 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14141 }, 14142 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 14143 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 14144 }, 14145 }, 14146 }, 14147 ], 14148 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 14149 { # EnvFromSource represents the source of a set of ConfigMaps 14150 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 14151 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14152 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14153 }, 14154 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 14155 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 14156 }, 14157 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 14158 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 14159 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14160 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14161 }, 14162 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 14163 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 14164 }, 14165 }, 14166 ], 14167 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14168 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 14169 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 14170 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14171 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14172 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14173 "A String", 14174 ], 14175 }, 14176 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14177 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14178 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14179 { # HTTPHeader describes a custom header to be used in HTTP probes 14180 "name": "A String", # The header field name 14181 "value": "A String", # The header field value 14182 }, 14183 ], 14184 "path": "A String", # Path to access on the HTTP server. +optional 14185 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14186 "intVal": 42, # The int value. 14187 "strVal": "A String", # The string value. 14188 "type": 42, # The type of the value. 14189 }, 14190 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14191 }, 14192 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14193 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14194 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14195 "intVal": 42, # The int value. 14196 "strVal": "A String", # The string value. 14197 "type": 42, # The type of the value. 14198 }, 14199 }, 14200 }, 14201 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14202 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14203 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14204 "A String", 14205 ], 14206 }, 14207 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14208 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14209 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14210 { # HTTPHeader describes a custom header to be used in HTTP probes 14211 "name": "A String", # The header field name 14212 "value": "A String", # The header field value 14213 }, 14214 ], 14215 "path": "A String", # Path to access on the HTTP server. +optional 14216 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14217 "intVal": 42, # The int value. 14218 "strVal": "A String", # The string value. 14219 "type": 42, # The type of the value. 14220 }, 14221 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14222 }, 14223 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14224 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14225 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14226 "intVal": 42, # The int value. 14227 "strVal": "A String", # The string value. 14228 "type": 42, # The type of the value. 14229 }, 14230 }, 14231 }, 14232 }, 14233 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14234 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14235 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14236 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14237 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14238 "A String", 14239 ], 14240 }, 14241 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14242 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14243 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14244 { # HTTPHeader describes a custom header to be used in HTTP probes 14245 "name": "A String", # The header field name 14246 "value": "A String", # The header field value 14247 }, 14248 ], 14249 "path": "A String", # Path to access on the HTTP server. +optional 14250 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14251 "intVal": 42, # The int value. 14252 "strVal": "A String", # The string value. 14253 "type": 42, # The type of the value. 14254 }, 14255 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14256 }, 14257 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14258 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14259 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14260 "intVal": 42, # The int value. 14261 "strVal": "A String", # The string value. 14262 "type": 42, # The type of the value. 14263 }, 14264 }, 14265 }, 14266 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14267 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14268 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14269 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14270 }, 14271 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14272 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14273 { # ContainerPort represents a network port in a single container. 14274 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14275 "hostIP": "A String", # What host IP to bind the external port to. +optional 14276 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14277 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14278 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14279 }, 14280 ], 14281 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14282 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14283 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14284 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14285 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14286 "A String", 14287 ], 14288 }, 14289 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14290 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14291 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14292 { # HTTPHeader describes a custom header to be used in HTTP probes 14293 "name": "A String", # The header field name 14294 "value": "A String", # The header field value 14295 }, 14296 ], 14297 "path": "A String", # Path to access on the HTTP server. +optional 14298 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14299 "intVal": 42, # The int value. 14300 "strVal": "A String", # The string value. 14301 "type": 42, # The type of the value. 14302 }, 14303 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14304 }, 14305 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14306 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14307 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14308 "intVal": 42, # The int value. 14309 "strVal": "A String", # The string value. 14310 "type": 42, # The type of the value. 14311 }, 14312 }, 14313 }, 14314 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14315 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14316 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14317 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14318 }, 14319 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14320 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14321 "a_key": "A String", 14322 }, 14323 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14324 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14325 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14326 }, 14327 }, 14328 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14329 "a_key": "A String", 14330 }, 14331 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14332 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14333 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14334 }, 14335 }, 14336 }, 14337 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14338 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14339 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14340 "add": [ # Added capabilities +optional 14341 "A String", 14342 ], 14343 "drop": [ # Removed capabilities +optional 14344 "A String", 14345 ], 14346 }, 14347 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14348 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14349 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14350 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14351 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14352 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14353 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14354 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14355 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14356 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14357 }, 14358 }, 14359 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14360 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14361 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14362 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14363 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14364 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14365 { # volumeDevice describes a mapping of a raw block device within a container. 14366 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14367 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14368 }, 14369 ], 14370 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14371 { # VolumeMount describes a mounting of a Volume within a container. 14372 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14373 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14374 "name": "A String", # This must match the Name of a Volume. 14375 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14376 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14377 }, 14378 ], 14379 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14380 }, 14381 ], 14382 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 14383 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 14384 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 14385 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 14386 "volumes": [ 14387 { # Volume represents a named volume in a container. 14388 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 14389 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14390 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14391 { # Maps a string key to a path within a volume. 14392 "key": "A String", # The key to project. 14393 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 14394 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 14395 }, 14396 ], 14397 "name": "A String", # Name of the config. 14398 "optional": True or False, # Specify whether the Secret or its keys must be defined. 14399 }, 14400 "name": "A String", # Volume's name. 14401 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 14402 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14403 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14404 { # Maps a string key to a path within a volume. 14405 "key": "A String", # The key to project. 14406 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 14407 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 14408 }, 14409 ], 14410 "optional": True or False, # Specify whether the Secret or its keys must be defined. 14411 "secretName": "A String", # Name of the secret in the container's namespace to use. 14412 }, 14413 }, 14414 ], 14415 }, 14416 }, 14417 }, 14418 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 14419 }, 14420 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 14421 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 14422 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 14423 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 14424 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 14425 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 14426 "a_key": "A String", 14427 }, 14428 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 14429 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 14430 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 14431 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 14432 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 14433 "A String", 14434 ], 14435 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 14436 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 14437 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 14438 "a_key": "A String", 14439 }, 14440 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 14441 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 14442 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 14443 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 14444 "apiVersion": "A String", # API version of the referent. 14445 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 14446 "controller": True or False, # If true, this reference points to the managing controller. +optional 14447 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 14448 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 14449 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 14450 }, 14451 ], 14452 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 14453 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 14454 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 14455 }, 14456 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 14457 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 14458 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 14459 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14460 "A String", 14461 ], 14462 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14463 "A String", 14464 ], 14465 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 14466 { # EnvVar represents an environment variable present in a Container. 14467 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 14468 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 14469 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 14470 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 14471 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 14472 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14473 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14474 }, 14475 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 14476 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 14477 }, 14478 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 14479 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 14480 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14481 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14482 }, 14483 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 14484 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 14485 }, 14486 }, 14487 }, 14488 ], 14489 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 14490 { # EnvFromSource represents the source of a set of ConfigMaps 14491 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 14492 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14493 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14494 }, 14495 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 14496 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 14497 }, 14498 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 14499 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 14500 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14501 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14502 }, 14503 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 14504 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 14505 }, 14506 }, 14507 ], 14508 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14509 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 14510 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 14511 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14512 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14513 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14514 "A String", 14515 ], 14516 }, 14517 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14518 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14519 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14520 { # HTTPHeader describes a custom header to be used in HTTP probes 14521 "name": "A String", # The header field name 14522 "value": "A String", # The header field value 14523 }, 14524 ], 14525 "path": "A String", # Path to access on the HTTP server. +optional 14526 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14527 "intVal": 42, # The int value. 14528 "strVal": "A String", # The string value. 14529 "type": 42, # The type of the value. 14530 }, 14531 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14532 }, 14533 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14534 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14535 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14536 "intVal": 42, # The int value. 14537 "strVal": "A String", # The string value. 14538 "type": 42, # The type of the value. 14539 }, 14540 }, 14541 }, 14542 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14543 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14544 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14545 "A String", 14546 ], 14547 }, 14548 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14549 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14550 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14551 { # HTTPHeader describes a custom header to be used in HTTP probes 14552 "name": "A String", # The header field name 14553 "value": "A String", # The header field value 14554 }, 14555 ], 14556 "path": "A String", # Path to access on the HTTP server. +optional 14557 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14558 "intVal": 42, # The int value. 14559 "strVal": "A String", # The string value. 14560 "type": 42, # The type of the value. 14561 }, 14562 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14563 }, 14564 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14565 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14566 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14567 "intVal": 42, # The int value. 14568 "strVal": "A String", # The string value. 14569 "type": 42, # The type of the value. 14570 }, 14571 }, 14572 }, 14573 }, 14574 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14575 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14576 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14577 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14578 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14579 "A String", 14580 ], 14581 }, 14582 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14583 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14584 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14585 { # HTTPHeader describes a custom header to be used in HTTP probes 14586 "name": "A String", # The header field name 14587 "value": "A String", # The header field value 14588 }, 14589 ], 14590 "path": "A String", # Path to access on the HTTP server. +optional 14591 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14592 "intVal": 42, # The int value. 14593 "strVal": "A String", # The string value. 14594 "type": 42, # The type of the value. 14595 }, 14596 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14597 }, 14598 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14599 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14600 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14601 "intVal": 42, # The int value. 14602 "strVal": "A String", # The string value. 14603 "type": 42, # The type of the value. 14604 }, 14605 }, 14606 }, 14607 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14608 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14609 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14610 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14611 }, 14612 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14613 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14614 { # ContainerPort represents a network port in a single container. 14615 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14616 "hostIP": "A String", # What host IP to bind the external port to. +optional 14617 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14618 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14619 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14620 }, 14621 ], 14622 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14623 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14624 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14625 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14626 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14627 "A String", 14628 ], 14629 }, 14630 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14631 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14632 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14633 { # HTTPHeader describes a custom header to be used in HTTP probes 14634 "name": "A String", # The header field name 14635 "value": "A String", # The header field value 14636 }, 14637 ], 14638 "path": "A String", # Path to access on the HTTP server. +optional 14639 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14640 "intVal": 42, # The int value. 14641 "strVal": "A String", # The string value. 14642 "type": 42, # The type of the value. 14643 }, 14644 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14645 }, 14646 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14647 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14648 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14649 "intVal": 42, # The int value. 14650 "strVal": "A String", # The string value. 14651 "type": 42, # The type of the value. 14652 }, 14653 }, 14654 }, 14655 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14656 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14657 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14658 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14659 }, 14660 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14661 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14662 "a_key": "A String", 14663 }, 14664 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14665 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14666 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14667 }, 14668 }, 14669 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14670 "a_key": "A String", 14671 }, 14672 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14673 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14674 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14675 }, 14676 }, 14677 }, 14678 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14679 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14680 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14681 "add": [ # Added capabilities +optional 14682 "A String", 14683 ], 14684 "drop": [ # Removed capabilities +optional 14685 "A String", 14686 ], 14687 }, 14688 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14689 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14690 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14691 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14692 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14693 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14694 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14695 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14696 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14697 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14698 }, 14699 }, 14700 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14701 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14702 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14703 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14704 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14705 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14706 { # volumeDevice describes a mapping of a raw block device within a container. 14707 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14708 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14709 }, 14710 ], 14711 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14712 { # VolumeMount describes a mounting of a Volume within a container. 14713 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14714 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14715 "name": "A String", # This must match the Name of a Volume. 14716 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14717 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14718 }, 14719 ], 14720 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14721 }, 14722 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 14723 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 14724 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 14725 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14726 "A String", 14727 ], 14728 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 14729 "A String", 14730 ], 14731 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 14732 { # EnvVar represents an environment variable present in a Container. 14733 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 14734 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 14735 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 14736 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 14737 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 14738 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14739 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14740 }, 14741 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 14742 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 14743 }, 14744 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 14745 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 14746 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14747 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14748 }, 14749 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 14750 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 14751 }, 14752 }, 14753 }, 14754 ], 14755 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 14756 { # EnvFromSource represents the source of a set of ConfigMaps 14757 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 14758 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14759 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14760 }, 14761 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 14762 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 14763 }, 14764 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 14765 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 14766 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 14767 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 14768 }, 14769 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 14770 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 14771 }, 14772 }, 14773 ], 14774 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 14775 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 14776 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 14777 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14778 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14779 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14780 "A String", 14781 ], 14782 }, 14783 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14784 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14785 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14786 { # HTTPHeader describes a custom header to be used in HTTP probes 14787 "name": "A String", # The header field name 14788 "value": "A String", # The header field value 14789 }, 14790 ], 14791 "path": "A String", # Path to access on the HTTP server. +optional 14792 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14793 "intVal": 42, # The int value. 14794 "strVal": "A String", # The string value. 14795 "type": 42, # The type of the value. 14796 }, 14797 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14798 }, 14799 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14800 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14801 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14802 "intVal": 42, # The int value. 14803 "strVal": "A String", # The string value. 14804 "type": 42, # The type of the value. 14805 }, 14806 }, 14807 }, 14808 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 14809 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14810 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14811 "A String", 14812 ], 14813 }, 14814 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14815 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14816 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14817 { # HTTPHeader describes a custom header to be used in HTTP probes 14818 "name": "A String", # The header field name 14819 "value": "A String", # The header field value 14820 }, 14821 ], 14822 "path": "A String", # Path to access on the HTTP server. +optional 14823 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14824 "intVal": 42, # The int value. 14825 "strVal": "A String", # The string value. 14826 "type": 42, # The type of the value. 14827 }, 14828 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14829 }, 14830 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14831 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14832 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14833 "intVal": 42, # The int value. 14834 "strVal": "A String", # The string value. 14835 "type": 42, # The type of the value. 14836 }, 14837 }, 14838 }, 14839 }, 14840 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14841 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14842 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14843 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14844 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14845 "A String", 14846 ], 14847 }, 14848 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14849 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14850 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14851 { # HTTPHeader describes a custom header to be used in HTTP probes 14852 "name": "A String", # The header field name 14853 "value": "A String", # The header field value 14854 }, 14855 ], 14856 "path": "A String", # Path to access on the HTTP server. +optional 14857 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14858 "intVal": 42, # The int value. 14859 "strVal": "A String", # The string value. 14860 "type": 42, # The type of the value. 14861 }, 14862 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14863 }, 14864 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14865 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14866 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14867 "intVal": 42, # The int value. 14868 "strVal": "A String", # The string value. 14869 "type": 42, # The type of the value. 14870 }, 14871 }, 14872 }, 14873 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14874 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14875 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14876 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14877 }, 14878 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 14879 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 14880 { # ContainerPort represents a network port in a single container. 14881 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 14882 "hostIP": "A String", # What host IP to bind the external port to. +optional 14883 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 14884 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 14885 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 14886 }, 14887 ], 14888 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14889 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 14890 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 14891 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 14892 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 14893 "A String", 14894 ], 14895 }, 14896 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 14897 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 14898 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 14899 { # HTTPHeader describes a custom header to be used in HTTP probes 14900 "name": "A String", # The header field name 14901 "value": "A String", # The header field value 14902 }, 14903 ], 14904 "path": "A String", # Path to access on the HTTP server. +optional 14905 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14906 "intVal": 42, # The int value. 14907 "strVal": "A String", # The string value. 14908 "type": 42, # The type of the value. 14909 }, 14910 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 14911 }, 14912 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 14913 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 14914 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 14915 "intVal": 42, # The int value. 14916 "strVal": "A String", # The string value. 14917 "type": 42, # The type of the value. 14918 }, 14919 }, 14920 }, 14921 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14922 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 14923 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 14924 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 14925 }, 14926 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 14927 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14928 "a_key": "A String", 14929 }, 14930 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 14931 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14932 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14933 }, 14934 }, 14935 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 14936 "a_key": "A String", 14937 }, 14938 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 14939 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 14940 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 14941 }, 14942 }, 14943 }, 14944 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 14945 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 14946 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 14947 "add": [ # Added capabilities +optional 14948 "A String", 14949 ], 14950 "drop": [ # Removed capabilities +optional 14951 "A String", 14952 ], 14953 }, 14954 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 14955 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 14956 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14957 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14958 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14959 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 14960 "level": "A String", # Level is SELinux level label that applies to the container. +optional 14961 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 14962 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 14963 "user": "A String", # User is a SELinux user label that applies to the container. +optional 14964 }, 14965 }, 14966 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 14967 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 14968 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 14969 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 14970 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 14971 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 14972 { # volumeDevice describes a mapping of a raw block device within a container. 14973 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 14974 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 14975 }, 14976 ], 14977 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 14978 { # VolumeMount describes a mounting of a Volume within a container. 14979 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 14980 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 14981 "name": "A String", # This must match the Name of a Volume. 14982 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 14983 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 14984 }, 14985 ], 14986 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 14987 }, 14988 ], 14989 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 14990 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 14991 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 14992 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 14993 "volumes": [ 14994 { # Volume represents a named volume in a container. 14995 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 14996 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 14997 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 14998 { # Maps a string key to a path within a volume. 14999 "key": "A String", # The key to project. 15000 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 15001 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 15002 }, 15003 ], 15004 "name": "A String", # Name of the config. 15005 "optional": True or False, # Specify whether the Secret or its keys must be defined. 15006 }, 15007 "name": "A String", # Volume's name. 15008 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 15009 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 15010 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 15011 { # Maps a string key to a path within a volume. 15012 "key": "A String", # The key to project. 15013 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 15014 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 15015 }, 15016 ], 15017 "optional": True or False, # Specify whether the Secret or its keys must be defined. 15018 "secretName": "A String", # Name of the secret in the container's namespace to use. 15019 }, 15020 }, 15021 ], 15022 }, 15023 }, 15024 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 15025 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 15026 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 15027 "a_key": "A String", 15028 }, 15029 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 15030 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 15031 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 15032 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 15033 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 15034 "A String", 15035 ], 15036 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 15037 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 15038 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 15039 "a_key": "A String", 15040 }, 15041 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 15042 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 15043 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 15044 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 15045 "apiVersion": "A String", # API version of the referent. 15046 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 15047 "controller": True or False, # If true, this reference points to the managing controller. +optional 15048 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 15049 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 15050 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 15051 }, 15052 ], 15053 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 15054 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 15055 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 15056 }, 15057 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 15058 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 15059 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 15060 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15061 "A String", 15062 ], 15063 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15064 "A String", 15065 ], 15066 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15067 { # EnvVar represents an environment variable present in a Container. 15068 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15069 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15070 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15071 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15072 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15073 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15074 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15075 }, 15076 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15077 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15078 }, 15079 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15080 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15081 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15082 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15083 }, 15084 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15085 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15086 }, 15087 }, 15088 }, 15089 ], 15090 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15091 { # EnvFromSource represents the source of a set of ConfigMaps 15092 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15093 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15094 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15095 }, 15096 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15097 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15098 }, 15099 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15100 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15101 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15102 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15103 }, 15104 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15105 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15106 }, 15107 }, 15108 ], 15109 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15110 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15111 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15112 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15113 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15114 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15115 "A String", 15116 ], 15117 }, 15118 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15119 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15120 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15121 { # HTTPHeader describes a custom header to be used in HTTP probes 15122 "name": "A String", # The header field name 15123 "value": "A String", # The header field value 15124 }, 15125 ], 15126 "path": "A String", # Path to access on the HTTP server. +optional 15127 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15128 "intVal": 42, # The int value. 15129 "strVal": "A String", # The string value. 15130 "type": 42, # The type of the value. 15131 }, 15132 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15133 }, 15134 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15135 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15136 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15137 "intVal": 42, # The int value. 15138 "strVal": "A String", # The string value. 15139 "type": 42, # The type of the value. 15140 }, 15141 }, 15142 }, 15143 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15144 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15145 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15146 "A String", 15147 ], 15148 }, 15149 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15150 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15151 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15152 { # HTTPHeader describes a custom header to be used in HTTP probes 15153 "name": "A String", # The header field name 15154 "value": "A String", # The header field value 15155 }, 15156 ], 15157 "path": "A String", # Path to access on the HTTP server. +optional 15158 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15159 "intVal": 42, # The int value. 15160 "strVal": "A String", # The string value. 15161 "type": 42, # The type of the value. 15162 }, 15163 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15164 }, 15165 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15166 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15167 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15168 "intVal": 42, # The int value. 15169 "strVal": "A String", # The string value. 15170 "type": 42, # The type of the value. 15171 }, 15172 }, 15173 }, 15174 }, 15175 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15176 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15177 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15178 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15179 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15180 "A String", 15181 ], 15182 }, 15183 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15184 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15185 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15186 { # HTTPHeader describes a custom header to be used in HTTP probes 15187 "name": "A String", # The header field name 15188 "value": "A String", # The header field value 15189 }, 15190 ], 15191 "path": "A String", # Path to access on the HTTP server. +optional 15192 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15193 "intVal": 42, # The int value. 15194 "strVal": "A String", # The string value. 15195 "type": 42, # The type of the value. 15196 }, 15197 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15198 }, 15199 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15200 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15201 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15202 "intVal": 42, # The int value. 15203 "strVal": "A String", # The string value. 15204 "type": 42, # The type of the value. 15205 }, 15206 }, 15207 }, 15208 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15209 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15210 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15211 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15212 }, 15213 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 15214 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 15215 { # ContainerPort represents a network port in a single container. 15216 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 15217 "hostIP": "A String", # What host IP to bind the external port to. +optional 15218 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 15219 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 15220 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 15221 }, 15222 ], 15223 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15224 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15225 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15226 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15227 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15228 "A String", 15229 ], 15230 }, 15231 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15232 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15233 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15234 { # HTTPHeader describes a custom header to be used in HTTP probes 15235 "name": "A String", # The header field name 15236 "value": "A String", # The header field value 15237 }, 15238 ], 15239 "path": "A String", # Path to access on the HTTP server. +optional 15240 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15241 "intVal": 42, # The int value. 15242 "strVal": "A String", # The string value. 15243 "type": 42, # The type of the value. 15244 }, 15245 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15246 }, 15247 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15248 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15249 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15250 "intVal": 42, # The int value. 15251 "strVal": "A String", # The string value. 15252 "type": 42, # The type of the value. 15253 }, 15254 }, 15255 }, 15256 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15257 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15258 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15259 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15260 }, 15261 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 15262 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15263 "a_key": "A String", 15264 }, 15265 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 15266 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15267 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15268 }, 15269 }, 15270 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15271 "a_key": "A String", 15272 }, 15273 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 15274 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15275 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15276 }, 15277 }, 15278 }, 15279 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 15280 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 15281 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 15282 "add": [ # Added capabilities +optional 15283 "A String", 15284 ], 15285 "drop": [ # Removed capabilities +optional 15286 "A String", 15287 ], 15288 }, 15289 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 15290 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 15291 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15292 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15293 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15294 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15295 "level": "A String", # Level is SELinux level label that applies to the container. +optional 15296 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 15297 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 15298 "user": "A String", # User is a SELinux user label that applies to the container. +optional 15299 }, 15300 }, 15301 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 15302 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 15303 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 15304 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 15305 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 15306 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 15307 { # volumeDevice describes a mapping of a raw block device within a container. 15308 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 15309 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 15310 }, 15311 ], 15312 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 15313 { # VolumeMount describes a mounting of a Volume within a container. 15314 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 15315 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 15316 "name": "A String", # This must match the Name of a Volume. 15317 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 15318 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 15319 }, 15320 ], 15321 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 15322 }, 15323 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 15324 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 15325 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 15326 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15327 "A String", 15328 ], 15329 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15330 "A String", 15331 ], 15332 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15333 { # EnvVar represents an environment variable present in a Container. 15334 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15335 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15336 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15337 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15338 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15339 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15340 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15341 }, 15342 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15343 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15344 }, 15345 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15346 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15347 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15348 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15349 }, 15350 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15351 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15352 }, 15353 }, 15354 }, 15355 ], 15356 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15357 { # EnvFromSource represents the source of a set of ConfigMaps 15358 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15359 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15360 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15361 }, 15362 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15363 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15364 }, 15365 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15366 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15367 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15368 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15369 }, 15370 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15371 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15372 }, 15373 }, 15374 ], 15375 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15376 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15377 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15378 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15379 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15380 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15381 "A String", 15382 ], 15383 }, 15384 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15385 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15386 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15387 { # HTTPHeader describes a custom header to be used in HTTP probes 15388 "name": "A String", # The header field name 15389 "value": "A String", # The header field value 15390 }, 15391 ], 15392 "path": "A String", # Path to access on the HTTP server. +optional 15393 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15394 "intVal": 42, # The int value. 15395 "strVal": "A String", # The string value. 15396 "type": 42, # The type of the value. 15397 }, 15398 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15399 }, 15400 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15401 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15402 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15403 "intVal": 42, # The int value. 15404 "strVal": "A String", # The string value. 15405 "type": 42, # The type of the value. 15406 }, 15407 }, 15408 }, 15409 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15410 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15411 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15412 "A String", 15413 ], 15414 }, 15415 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15416 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15417 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15418 { # HTTPHeader describes a custom header to be used in HTTP probes 15419 "name": "A String", # The header field name 15420 "value": "A String", # The header field value 15421 }, 15422 ], 15423 "path": "A String", # Path to access on the HTTP server. +optional 15424 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15425 "intVal": 42, # The int value. 15426 "strVal": "A String", # The string value. 15427 "type": 42, # The type of the value. 15428 }, 15429 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15430 }, 15431 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15432 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15433 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15434 "intVal": 42, # The int value. 15435 "strVal": "A String", # The string value. 15436 "type": 42, # The type of the value. 15437 }, 15438 }, 15439 }, 15440 }, 15441 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15442 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15443 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15444 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15445 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15446 "A String", 15447 ], 15448 }, 15449 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15450 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15451 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15452 { # HTTPHeader describes a custom header to be used in HTTP probes 15453 "name": "A String", # The header field name 15454 "value": "A String", # The header field value 15455 }, 15456 ], 15457 "path": "A String", # Path to access on the HTTP server. +optional 15458 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15459 "intVal": 42, # The int value. 15460 "strVal": "A String", # The string value. 15461 "type": 42, # The type of the value. 15462 }, 15463 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15464 }, 15465 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15466 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15467 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15468 "intVal": 42, # The int value. 15469 "strVal": "A String", # The string value. 15470 "type": 42, # The type of the value. 15471 }, 15472 }, 15473 }, 15474 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15475 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15476 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15477 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15478 }, 15479 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 15480 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 15481 { # ContainerPort represents a network port in a single container. 15482 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 15483 "hostIP": "A String", # What host IP to bind the external port to. +optional 15484 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 15485 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 15486 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 15487 }, 15488 ], 15489 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15490 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15491 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15492 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15493 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15494 "A String", 15495 ], 15496 }, 15497 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15498 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15499 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15500 { # HTTPHeader describes a custom header to be used in HTTP probes 15501 "name": "A String", # The header field name 15502 "value": "A String", # The header field value 15503 }, 15504 ], 15505 "path": "A String", # Path to access on the HTTP server. +optional 15506 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15507 "intVal": 42, # The int value. 15508 "strVal": "A String", # The string value. 15509 "type": 42, # The type of the value. 15510 }, 15511 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15512 }, 15513 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15514 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15515 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15516 "intVal": 42, # The int value. 15517 "strVal": "A String", # The string value. 15518 "type": 42, # The type of the value. 15519 }, 15520 }, 15521 }, 15522 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15523 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15524 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15525 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15526 }, 15527 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 15528 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15529 "a_key": "A String", 15530 }, 15531 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 15532 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15533 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15534 }, 15535 }, 15536 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15537 "a_key": "A String", 15538 }, 15539 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 15540 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15541 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15542 }, 15543 }, 15544 }, 15545 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 15546 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 15547 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 15548 "add": [ # Added capabilities +optional 15549 "A String", 15550 ], 15551 "drop": [ # Removed capabilities +optional 15552 "A String", 15553 ], 15554 }, 15555 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 15556 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 15557 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15558 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15559 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15560 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15561 "level": "A String", # Level is SELinux level label that applies to the container. +optional 15562 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 15563 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 15564 "user": "A String", # User is a SELinux user label that applies to the container. +optional 15565 }, 15566 }, 15567 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 15568 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 15569 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 15570 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 15571 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 15572 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 15573 { # volumeDevice describes a mapping of a raw block device within a container. 15574 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 15575 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 15576 }, 15577 ], 15578 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 15579 { # VolumeMount describes a mounting of a Volume within a container. 15580 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 15581 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 15582 "name": "A String", # This must match the Name of a Volume. 15583 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 15584 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 15585 }, 15586 ], 15587 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 15588 }, 15589 ], 15590 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 15591 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 15592 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 15593 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 15594 "volumes": [ 15595 { # Volume represents a named volume in a container. 15596 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 15597 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 15598 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 15599 { # Maps a string key to a path within a volume. 15600 "key": "A String", # The key to project. 15601 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 15602 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 15603 }, 15604 ], 15605 "name": "A String", # Name of the config. 15606 "optional": True or False, # Specify whether the Secret or its keys must be defined. 15607 }, 15608 "name": "A String", # Volume's name. 15609 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 15610 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 15611 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 15612 { # Maps a string key to a path within a volume. 15613 "key": "A String", # The key to project. 15614 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 15615 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 15616 }, 15617 ], 15618 "optional": True or False, # Specify whether the Secret or its keys must be defined. 15619 "secretName": "A String", # Name of the secret in the container's namespace to use. 15620 }, 15621 }, 15622 ], 15623 }, 15624 }, 15625 }, 15626 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 15627 "A String", 15628 ], 15629 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 15630 }, 15631 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 15632 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 15633 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 15634 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 15635 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 15636 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 15637 "a_key": "A String", 15638 }, 15639 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 15640 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 15641 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 15642 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 15643 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 15644 "A String", 15645 ], 15646 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 15647 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 15648 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 15649 "a_key": "A String", 15650 }, 15651 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 15652 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 15653 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 15654 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 15655 "apiVersion": "A String", # API version of the referent. 15656 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 15657 "controller": True or False, # If true, this reference points to the managing controller. +optional 15658 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 15659 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 15660 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 15661 }, 15662 ], 15663 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 15664 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 15665 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 15666 }, 15667 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 15668 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 15669 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 15670 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15671 "A String", 15672 ], 15673 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15674 "A String", 15675 ], 15676 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15677 { # EnvVar represents an environment variable present in a Container. 15678 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15679 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15680 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15681 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15682 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15683 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15684 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15685 }, 15686 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15687 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15688 }, 15689 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15690 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15691 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15692 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15693 }, 15694 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15695 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15696 }, 15697 }, 15698 }, 15699 ], 15700 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15701 { # EnvFromSource represents the source of a set of ConfigMaps 15702 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15703 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15704 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15705 }, 15706 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15707 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15708 }, 15709 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15710 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15711 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15712 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15713 }, 15714 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15715 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15716 }, 15717 }, 15718 ], 15719 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15720 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15721 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15722 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15723 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15724 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15725 "A String", 15726 ], 15727 }, 15728 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15729 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15730 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15731 { # HTTPHeader describes a custom header to be used in HTTP probes 15732 "name": "A String", # The header field name 15733 "value": "A String", # The header field value 15734 }, 15735 ], 15736 "path": "A String", # Path to access on the HTTP server. +optional 15737 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15738 "intVal": 42, # The int value. 15739 "strVal": "A String", # The string value. 15740 "type": 42, # The type of the value. 15741 }, 15742 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15743 }, 15744 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15745 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15746 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15747 "intVal": 42, # The int value. 15748 "strVal": "A String", # The string value. 15749 "type": 42, # The type of the value. 15750 }, 15751 }, 15752 }, 15753 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15754 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15755 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15756 "A String", 15757 ], 15758 }, 15759 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15760 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15761 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15762 { # HTTPHeader describes a custom header to be used in HTTP probes 15763 "name": "A String", # The header field name 15764 "value": "A String", # The header field value 15765 }, 15766 ], 15767 "path": "A String", # Path to access on the HTTP server. +optional 15768 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15769 "intVal": 42, # The int value. 15770 "strVal": "A String", # The string value. 15771 "type": 42, # The type of the value. 15772 }, 15773 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15774 }, 15775 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15776 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15777 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15778 "intVal": 42, # The int value. 15779 "strVal": "A String", # The string value. 15780 "type": 42, # The type of the value. 15781 }, 15782 }, 15783 }, 15784 }, 15785 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15786 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15787 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15788 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15789 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15790 "A String", 15791 ], 15792 }, 15793 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15794 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15795 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15796 { # HTTPHeader describes a custom header to be used in HTTP probes 15797 "name": "A String", # The header field name 15798 "value": "A String", # The header field value 15799 }, 15800 ], 15801 "path": "A String", # Path to access on the HTTP server. +optional 15802 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15803 "intVal": 42, # The int value. 15804 "strVal": "A String", # The string value. 15805 "type": 42, # The type of the value. 15806 }, 15807 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15808 }, 15809 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15810 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15811 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15812 "intVal": 42, # The int value. 15813 "strVal": "A String", # The string value. 15814 "type": 42, # The type of the value. 15815 }, 15816 }, 15817 }, 15818 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15819 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15820 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15821 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15822 }, 15823 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 15824 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 15825 { # ContainerPort represents a network port in a single container. 15826 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 15827 "hostIP": "A String", # What host IP to bind the external port to. +optional 15828 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 15829 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 15830 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 15831 }, 15832 ], 15833 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15834 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 15835 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 15836 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15837 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15838 "A String", 15839 ], 15840 }, 15841 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15842 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15843 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15844 { # HTTPHeader describes a custom header to be used in HTTP probes 15845 "name": "A String", # The header field name 15846 "value": "A String", # The header field value 15847 }, 15848 ], 15849 "path": "A String", # Path to access on the HTTP server. +optional 15850 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15851 "intVal": 42, # The int value. 15852 "strVal": "A String", # The string value. 15853 "type": 42, # The type of the value. 15854 }, 15855 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 15856 }, 15857 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 15858 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 15859 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 15860 "intVal": 42, # The int value. 15861 "strVal": "A String", # The string value. 15862 "type": 42, # The type of the value. 15863 }, 15864 }, 15865 }, 15866 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15867 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 15868 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 15869 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 15870 }, 15871 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 15872 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15873 "a_key": "A String", 15874 }, 15875 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 15876 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15877 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15878 }, 15879 }, 15880 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 15881 "a_key": "A String", 15882 }, 15883 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 15884 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 15885 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 15886 }, 15887 }, 15888 }, 15889 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 15890 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 15891 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 15892 "add": [ # Added capabilities +optional 15893 "A String", 15894 ], 15895 "drop": [ # Removed capabilities +optional 15896 "A String", 15897 ], 15898 }, 15899 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 15900 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 15901 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15902 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15903 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15904 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 15905 "level": "A String", # Level is SELinux level label that applies to the container. +optional 15906 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 15907 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 15908 "user": "A String", # User is a SELinux user label that applies to the container. +optional 15909 }, 15910 }, 15911 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 15912 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 15913 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 15914 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 15915 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 15916 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 15917 { # volumeDevice describes a mapping of a raw block device within a container. 15918 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 15919 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 15920 }, 15921 ], 15922 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 15923 { # VolumeMount describes a mounting of a Volume within a container. 15924 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 15925 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 15926 "name": "A String", # This must match the Name of a Volume. 15927 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 15928 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 15929 }, 15930 ], 15931 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 15932 }, 15933 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 15934 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 15935 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 15936 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15937 "A String", 15938 ], 15939 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 15940 "A String", 15941 ], 15942 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 15943 { # EnvVar represents an environment variable present in a Container. 15944 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 15945 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 15946 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 15947 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 15948 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 15949 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15950 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15951 }, 15952 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 15953 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 15954 }, 15955 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 15956 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 15957 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15958 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15959 }, 15960 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 15961 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 15962 }, 15963 }, 15964 }, 15965 ], 15966 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 15967 { # EnvFromSource represents the source of a set of ConfigMaps 15968 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 15969 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15970 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15971 }, 15972 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 15973 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 15974 }, 15975 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 15976 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 15977 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 15978 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 15979 }, 15980 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 15981 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 15982 }, 15983 }, 15984 ], 15985 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 15986 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 15987 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 15988 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 15989 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 15990 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 15991 "A String", 15992 ], 15993 }, 15994 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 15995 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 15996 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 15997 { # HTTPHeader describes a custom header to be used in HTTP probes 15998 "name": "A String", # The header field name 15999 "value": "A String", # The header field value 16000 }, 16001 ], 16002 "path": "A String", # Path to access on the HTTP server. +optional 16003 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16004 "intVal": 42, # The int value. 16005 "strVal": "A String", # The string value. 16006 "type": 42, # The type of the value. 16007 }, 16008 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16009 }, 16010 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16011 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16012 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16013 "intVal": 42, # The int value. 16014 "strVal": "A String", # The string value. 16015 "type": 42, # The type of the value. 16016 }, 16017 }, 16018 }, 16019 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16020 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16021 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16022 "A String", 16023 ], 16024 }, 16025 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16026 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16027 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16028 { # HTTPHeader describes a custom header to be used in HTTP probes 16029 "name": "A String", # The header field name 16030 "value": "A String", # The header field value 16031 }, 16032 ], 16033 "path": "A String", # Path to access on the HTTP server. +optional 16034 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16035 "intVal": 42, # The int value. 16036 "strVal": "A String", # The string value. 16037 "type": 42, # The type of the value. 16038 }, 16039 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16040 }, 16041 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16042 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16043 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16044 "intVal": 42, # The int value. 16045 "strVal": "A String", # The string value. 16046 "type": 42, # The type of the value. 16047 }, 16048 }, 16049 }, 16050 }, 16051 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16052 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16053 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16054 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16055 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16056 "A String", 16057 ], 16058 }, 16059 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16060 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16061 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16062 { # HTTPHeader describes a custom header to be used in HTTP probes 16063 "name": "A String", # The header field name 16064 "value": "A String", # The header field value 16065 }, 16066 ], 16067 "path": "A String", # Path to access on the HTTP server. +optional 16068 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16069 "intVal": 42, # The int value. 16070 "strVal": "A String", # The string value. 16071 "type": 42, # The type of the value. 16072 }, 16073 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16074 }, 16075 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16076 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16077 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16078 "intVal": 42, # The int value. 16079 "strVal": "A String", # The string value. 16080 "type": 42, # The type of the value. 16081 }, 16082 }, 16083 }, 16084 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16085 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16086 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16087 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16088 }, 16089 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16090 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16091 { # ContainerPort represents a network port in a single container. 16092 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16093 "hostIP": "A String", # What host IP to bind the external port to. +optional 16094 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16095 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16096 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16097 }, 16098 ], 16099 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16100 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16101 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16102 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16103 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16104 "A String", 16105 ], 16106 }, 16107 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16108 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16109 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16110 { # HTTPHeader describes a custom header to be used in HTTP probes 16111 "name": "A String", # The header field name 16112 "value": "A String", # The header field value 16113 }, 16114 ], 16115 "path": "A String", # Path to access on the HTTP server. +optional 16116 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16117 "intVal": 42, # The int value. 16118 "strVal": "A String", # The string value. 16119 "type": 42, # The type of the value. 16120 }, 16121 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16122 }, 16123 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16124 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16125 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16126 "intVal": 42, # The int value. 16127 "strVal": "A String", # The string value. 16128 "type": 42, # The type of the value. 16129 }, 16130 }, 16131 }, 16132 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16133 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16134 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16135 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16136 }, 16137 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 16138 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16139 "a_key": "A String", 16140 }, 16141 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 16142 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16143 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16144 }, 16145 }, 16146 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16147 "a_key": "A String", 16148 }, 16149 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 16150 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16151 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16152 }, 16153 }, 16154 }, 16155 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 16156 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 16157 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 16158 "add": [ # Added capabilities +optional 16159 "A String", 16160 ], 16161 "drop": [ # Removed capabilities +optional 16162 "A String", 16163 ], 16164 }, 16165 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 16166 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 16167 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16168 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16169 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16170 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16171 "level": "A String", # Level is SELinux level label that applies to the container. +optional 16172 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 16173 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 16174 "user": "A String", # User is a SELinux user label that applies to the container. +optional 16175 }, 16176 }, 16177 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 16178 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 16179 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 16180 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 16181 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 16182 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 16183 { # volumeDevice describes a mapping of a raw block device within a container. 16184 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 16185 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 16186 }, 16187 ], 16188 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 16189 { # VolumeMount describes a mounting of a Volume within a container. 16190 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 16191 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 16192 "name": "A String", # This must match the Name of a Volume. 16193 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 16194 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 16195 }, 16196 ], 16197 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 16198 }, 16199 ], 16200 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 16201 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 16202 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 16203 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 16204 "volumes": [ 16205 { # Volume represents a named volume in a container. 16206 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 16207 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16208 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16209 { # Maps a string key to a path within a volume. 16210 "key": "A String", # The key to project. 16211 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16212 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16213 }, 16214 ], 16215 "name": "A String", # Name of the config. 16216 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16217 }, 16218 "name": "A String", # Volume's name. 16219 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 16220 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16221 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16222 { # Maps a string key to a path within a volume. 16223 "key": "A String", # The key to project. 16224 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16225 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16226 }, 16227 ], 16228 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16229 "secretName": "A String", # Name of the secret in the container's namespace to use. 16230 }, 16231 }, 16232 ], 16233 }, 16234 }, 16235 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 16236 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 16237 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 16238 "a_key": "A String", 16239 }, 16240 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 16241 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16242 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 16243 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16244 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 16245 "A String", 16246 ], 16247 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 16248 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 16249 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 16250 "a_key": "A String", 16251 }, 16252 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 16253 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 16254 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 16255 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 16256 "apiVersion": "A String", # API version of the referent. 16257 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 16258 "controller": True or False, # If true, this reference points to the managing controller. +optional 16259 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 16260 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 16261 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 16262 }, 16263 ], 16264 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 16265 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 16266 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 16267 }, 16268 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 16269 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 16270 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 16271 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16272 "A String", 16273 ], 16274 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16275 "A String", 16276 ], 16277 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 16278 { # EnvVar represents an environment variable present in a Container. 16279 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 16280 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 16281 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 16282 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 16283 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 16284 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16285 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16286 }, 16287 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 16288 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 16289 }, 16290 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 16291 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 16292 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16293 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16294 }, 16295 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 16296 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 16297 }, 16298 }, 16299 }, 16300 ], 16301 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 16302 { # EnvFromSource represents the source of a set of ConfigMaps 16303 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 16304 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16305 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16306 }, 16307 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 16308 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 16309 }, 16310 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 16311 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 16312 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16313 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16314 }, 16315 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 16316 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 16317 }, 16318 }, 16319 ], 16320 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 16321 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 16322 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 16323 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16324 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16325 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16326 "A String", 16327 ], 16328 }, 16329 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16330 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16331 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16332 { # HTTPHeader describes a custom header to be used in HTTP probes 16333 "name": "A String", # The header field name 16334 "value": "A String", # The header field value 16335 }, 16336 ], 16337 "path": "A String", # Path to access on the HTTP server. +optional 16338 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16339 "intVal": 42, # The int value. 16340 "strVal": "A String", # The string value. 16341 "type": 42, # The type of the value. 16342 }, 16343 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16344 }, 16345 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16346 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16347 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16348 "intVal": 42, # The int value. 16349 "strVal": "A String", # The string value. 16350 "type": 42, # The type of the value. 16351 }, 16352 }, 16353 }, 16354 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16355 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16356 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16357 "A String", 16358 ], 16359 }, 16360 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16361 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16362 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16363 { # HTTPHeader describes a custom header to be used in HTTP probes 16364 "name": "A String", # The header field name 16365 "value": "A String", # The header field value 16366 }, 16367 ], 16368 "path": "A String", # Path to access on the HTTP server. +optional 16369 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16370 "intVal": 42, # The int value. 16371 "strVal": "A String", # The string value. 16372 "type": 42, # The type of the value. 16373 }, 16374 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16375 }, 16376 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16377 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16378 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16379 "intVal": 42, # The int value. 16380 "strVal": "A String", # The string value. 16381 "type": 42, # The type of the value. 16382 }, 16383 }, 16384 }, 16385 }, 16386 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16387 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16388 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16389 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16390 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16391 "A String", 16392 ], 16393 }, 16394 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16395 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16396 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16397 { # HTTPHeader describes a custom header to be used in HTTP probes 16398 "name": "A String", # The header field name 16399 "value": "A String", # The header field value 16400 }, 16401 ], 16402 "path": "A String", # Path to access on the HTTP server. +optional 16403 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16404 "intVal": 42, # The int value. 16405 "strVal": "A String", # The string value. 16406 "type": 42, # The type of the value. 16407 }, 16408 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16409 }, 16410 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16411 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16412 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16413 "intVal": 42, # The int value. 16414 "strVal": "A String", # The string value. 16415 "type": 42, # The type of the value. 16416 }, 16417 }, 16418 }, 16419 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16420 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16421 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16422 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16423 }, 16424 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16425 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16426 { # ContainerPort represents a network port in a single container. 16427 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16428 "hostIP": "A String", # What host IP to bind the external port to. +optional 16429 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16430 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16431 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16432 }, 16433 ], 16434 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16435 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16436 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16437 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16438 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16439 "A String", 16440 ], 16441 }, 16442 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16443 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16444 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16445 { # HTTPHeader describes a custom header to be used in HTTP probes 16446 "name": "A String", # The header field name 16447 "value": "A String", # The header field value 16448 }, 16449 ], 16450 "path": "A String", # Path to access on the HTTP server. +optional 16451 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16452 "intVal": 42, # The int value. 16453 "strVal": "A String", # The string value. 16454 "type": 42, # The type of the value. 16455 }, 16456 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16457 }, 16458 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16459 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16460 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16461 "intVal": 42, # The int value. 16462 "strVal": "A String", # The string value. 16463 "type": 42, # The type of the value. 16464 }, 16465 }, 16466 }, 16467 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16468 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16469 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16470 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16471 }, 16472 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 16473 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16474 "a_key": "A String", 16475 }, 16476 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 16477 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16478 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16479 }, 16480 }, 16481 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16482 "a_key": "A String", 16483 }, 16484 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 16485 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16486 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16487 }, 16488 }, 16489 }, 16490 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 16491 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 16492 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 16493 "add": [ # Added capabilities +optional 16494 "A String", 16495 ], 16496 "drop": [ # Removed capabilities +optional 16497 "A String", 16498 ], 16499 }, 16500 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 16501 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 16502 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16503 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16504 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16505 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16506 "level": "A String", # Level is SELinux level label that applies to the container. +optional 16507 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 16508 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 16509 "user": "A String", # User is a SELinux user label that applies to the container. +optional 16510 }, 16511 }, 16512 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 16513 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 16514 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 16515 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 16516 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 16517 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 16518 { # volumeDevice describes a mapping of a raw block device within a container. 16519 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 16520 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 16521 }, 16522 ], 16523 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 16524 { # VolumeMount describes a mounting of a Volume within a container. 16525 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 16526 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 16527 "name": "A String", # This must match the Name of a Volume. 16528 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 16529 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 16530 }, 16531 ], 16532 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 16533 }, 16534 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 16535 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 16536 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 16537 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16538 "A String", 16539 ], 16540 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16541 "A String", 16542 ], 16543 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 16544 { # EnvVar represents an environment variable present in a Container. 16545 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 16546 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 16547 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 16548 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 16549 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 16550 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16551 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16552 }, 16553 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 16554 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 16555 }, 16556 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 16557 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 16558 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16559 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16560 }, 16561 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 16562 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 16563 }, 16564 }, 16565 }, 16566 ], 16567 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 16568 { # EnvFromSource represents the source of a set of ConfigMaps 16569 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 16570 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16571 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16572 }, 16573 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 16574 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 16575 }, 16576 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 16577 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 16578 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16579 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16580 }, 16581 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 16582 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 16583 }, 16584 }, 16585 ], 16586 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 16587 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 16588 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 16589 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16590 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16591 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16592 "A String", 16593 ], 16594 }, 16595 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16596 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16597 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16598 { # HTTPHeader describes a custom header to be used in HTTP probes 16599 "name": "A String", # The header field name 16600 "value": "A String", # The header field value 16601 }, 16602 ], 16603 "path": "A String", # Path to access on the HTTP server. +optional 16604 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16605 "intVal": 42, # The int value. 16606 "strVal": "A String", # The string value. 16607 "type": 42, # The type of the value. 16608 }, 16609 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16610 }, 16611 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16612 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16613 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16614 "intVal": 42, # The int value. 16615 "strVal": "A String", # The string value. 16616 "type": 42, # The type of the value. 16617 }, 16618 }, 16619 }, 16620 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16621 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16622 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16623 "A String", 16624 ], 16625 }, 16626 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16627 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16628 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16629 { # HTTPHeader describes a custom header to be used in HTTP probes 16630 "name": "A String", # The header field name 16631 "value": "A String", # The header field value 16632 }, 16633 ], 16634 "path": "A String", # Path to access on the HTTP server. +optional 16635 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16636 "intVal": 42, # The int value. 16637 "strVal": "A String", # The string value. 16638 "type": 42, # The type of the value. 16639 }, 16640 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16641 }, 16642 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16643 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16644 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16645 "intVal": 42, # The int value. 16646 "strVal": "A String", # The string value. 16647 "type": 42, # The type of the value. 16648 }, 16649 }, 16650 }, 16651 }, 16652 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16653 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16654 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16655 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16656 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16657 "A String", 16658 ], 16659 }, 16660 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16661 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16662 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16663 { # HTTPHeader describes a custom header to be used in HTTP probes 16664 "name": "A String", # The header field name 16665 "value": "A String", # The header field value 16666 }, 16667 ], 16668 "path": "A String", # Path to access on the HTTP server. +optional 16669 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16670 "intVal": 42, # The int value. 16671 "strVal": "A String", # The string value. 16672 "type": 42, # The type of the value. 16673 }, 16674 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16675 }, 16676 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16677 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16678 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16679 "intVal": 42, # The int value. 16680 "strVal": "A String", # The string value. 16681 "type": 42, # The type of the value. 16682 }, 16683 }, 16684 }, 16685 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16686 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16687 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16688 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16689 }, 16690 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 16691 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 16692 { # ContainerPort represents a network port in a single container. 16693 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 16694 "hostIP": "A String", # What host IP to bind the external port to. +optional 16695 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 16696 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 16697 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 16698 }, 16699 ], 16700 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16701 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16702 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16703 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16704 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16705 "A String", 16706 ], 16707 }, 16708 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16709 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16710 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16711 { # HTTPHeader describes a custom header to be used in HTTP probes 16712 "name": "A String", # The header field name 16713 "value": "A String", # The header field value 16714 }, 16715 ], 16716 "path": "A String", # Path to access on the HTTP server. +optional 16717 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16718 "intVal": 42, # The int value. 16719 "strVal": "A String", # The string value. 16720 "type": 42, # The type of the value. 16721 }, 16722 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16723 }, 16724 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16725 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16726 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16727 "intVal": 42, # The int value. 16728 "strVal": "A String", # The string value. 16729 "type": 42, # The type of the value. 16730 }, 16731 }, 16732 }, 16733 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16734 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 16735 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 16736 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16737 }, 16738 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 16739 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16740 "a_key": "A String", 16741 }, 16742 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 16743 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16744 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16745 }, 16746 }, 16747 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 16748 "a_key": "A String", 16749 }, 16750 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 16751 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 16752 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 16753 }, 16754 }, 16755 }, 16756 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 16757 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 16758 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 16759 "add": [ # Added capabilities +optional 16760 "A String", 16761 ], 16762 "drop": [ # Removed capabilities +optional 16763 "A String", 16764 ], 16765 }, 16766 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 16767 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 16768 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16769 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16770 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16771 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 16772 "level": "A String", # Level is SELinux level label that applies to the container. +optional 16773 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 16774 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 16775 "user": "A String", # User is a SELinux user label that applies to the container. +optional 16776 }, 16777 }, 16778 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 16779 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 16780 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 16781 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 16782 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 16783 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 16784 { # volumeDevice describes a mapping of a raw block device within a container. 16785 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 16786 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 16787 }, 16788 ], 16789 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 16790 { # VolumeMount describes a mounting of a Volume within a container. 16791 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 16792 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 16793 "name": "A String", # This must match the Name of a Volume. 16794 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 16795 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 16796 }, 16797 ], 16798 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 16799 }, 16800 ], 16801 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 16802 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 16803 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 16804 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 16805 "volumes": [ 16806 { # Volume represents a named volume in a container. 16807 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 16808 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16809 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16810 { # Maps a string key to a path within a volume. 16811 "key": "A String", # The key to project. 16812 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16813 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16814 }, 16815 ], 16816 "name": "A String", # Name of the config. 16817 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16818 }, 16819 "name": "A String", # Volume's name. 16820 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 16821 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 16822 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 16823 { # Maps a string key to a path within a volume. 16824 "key": "A String", # The key to project. 16825 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 16826 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 16827 }, 16828 ], 16829 "optional": True or False, # Specify whether the Secret or its keys must be defined. 16830 "secretName": "A String", # Name of the secret in the container's namespace to use. 16831 }, 16832 }, 16833 ], 16834 }, 16835 }, 16836 }, 16837 }, 16838 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 16839 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 16840 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 16841 "a_key": "A String", 16842 }, 16843 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 16844 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16845 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 16846 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 16847 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 16848 "A String", 16849 ], 16850 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 16851 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 16852 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 16853 "a_key": "A String", 16854 }, 16855 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 16856 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 16857 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 16858 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 16859 "apiVersion": "A String", # API version of the referent. 16860 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 16861 "controller": True or False, # If true, this reference points to the managing controller. +optional 16862 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 16863 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 16864 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 16865 }, 16866 ], 16867 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 16868 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 16869 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 16870 }, 16871 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 16872 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 16873 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 16874 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16875 "A String", 16876 ], 16877 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 16878 "A String", 16879 ], 16880 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 16881 { # EnvVar represents an environment variable present in a Container. 16882 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 16883 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 16884 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 16885 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 16886 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 16887 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16888 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16889 }, 16890 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 16891 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 16892 }, 16893 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 16894 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 16895 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16896 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16897 }, 16898 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 16899 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 16900 }, 16901 }, 16902 }, 16903 ], 16904 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 16905 { # EnvFromSource represents the source of a set of ConfigMaps 16906 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 16907 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16908 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16909 }, 16910 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 16911 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 16912 }, 16913 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 16914 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 16915 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 16916 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 16917 }, 16918 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 16919 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 16920 }, 16921 }, 16922 ], 16923 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 16924 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 16925 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 16926 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16927 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16928 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16929 "A String", 16930 ], 16931 }, 16932 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16933 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16934 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16935 { # HTTPHeader describes a custom header to be used in HTTP probes 16936 "name": "A String", # The header field name 16937 "value": "A String", # The header field value 16938 }, 16939 ], 16940 "path": "A String", # Path to access on the HTTP server. +optional 16941 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16942 "intVal": 42, # The int value. 16943 "strVal": "A String", # The string value. 16944 "type": 42, # The type of the value. 16945 }, 16946 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16947 }, 16948 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16949 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16950 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16951 "intVal": 42, # The int value. 16952 "strVal": "A String", # The string value. 16953 "type": 42, # The type of the value. 16954 }, 16955 }, 16956 }, 16957 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 16958 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16959 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16960 "A String", 16961 ], 16962 }, 16963 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16964 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16965 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 16966 { # HTTPHeader describes a custom header to be used in HTTP probes 16967 "name": "A String", # The header field name 16968 "value": "A String", # The header field value 16969 }, 16970 ], 16971 "path": "A String", # Path to access on the HTTP server. +optional 16972 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16973 "intVal": 42, # The int value. 16974 "strVal": "A String", # The string value. 16975 "type": 42, # The type of the value. 16976 }, 16977 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 16978 }, 16979 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 16980 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 16981 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 16982 "intVal": 42, # The int value. 16983 "strVal": "A String", # The string value. 16984 "type": 42, # The type of the value. 16985 }, 16986 }, 16987 }, 16988 }, 16989 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 16990 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 16991 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 16992 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 16993 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 16994 "A String", 16995 ], 16996 }, 16997 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 16998 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 16999 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17000 { # HTTPHeader describes a custom header to be used in HTTP probes 17001 "name": "A String", # The header field name 17002 "value": "A String", # The header field value 17003 }, 17004 ], 17005 "path": "A String", # Path to access on the HTTP server. +optional 17006 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17007 "intVal": 42, # The int value. 17008 "strVal": "A String", # The string value. 17009 "type": 42, # The type of the value. 17010 }, 17011 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17012 }, 17013 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17014 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17015 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17016 "intVal": 42, # The int value. 17017 "strVal": "A String", # The string value. 17018 "type": 42, # The type of the value. 17019 }, 17020 }, 17021 }, 17022 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17023 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17024 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17025 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17026 }, 17027 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 17028 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 17029 { # ContainerPort represents a network port in a single container. 17030 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 17031 "hostIP": "A String", # What host IP to bind the external port to. +optional 17032 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 17033 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 17034 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 17035 }, 17036 ], 17037 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17038 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17039 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17040 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17041 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17042 "A String", 17043 ], 17044 }, 17045 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17046 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17047 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17048 { # HTTPHeader describes a custom header to be used in HTTP probes 17049 "name": "A String", # The header field name 17050 "value": "A String", # The header field value 17051 }, 17052 ], 17053 "path": "A String", # Path to access on the HTTP server. +optional 17054 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17055 "intVal": 42, # The int value. 17056 "strVal": "A String", # The string value. 17057 "type": 42, # The type of the value. 17058 }, 17059 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17060 }, 17061 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17062 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17063 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17064 "intVal": 42, # The int value. 17065 "strVal": "A String", # The string value. 17066 "type": 42, # The type of the value. 17067 }, 17068 }, 17069 }, 17070 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17071 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17072 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17073 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17074 }, 17075 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17076 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17077 "a_key": "A String", 17078 }, 17079 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17080 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17081 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17082 }, 17083 }, 17084 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17085 "a_key": "A String", 17086 }, 17087 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 17088 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17089 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17090 }, 17091 }, 17092 }, 17093 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 17094 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 17095 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 17096 "add": [ # Added capabilities +optional 17097 "A String", 17098 ], 17099 "drop": [ # Removed capabilities +optional 17100 "A String", 17101 ], 17102 }, 17103 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 17104 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 17105 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17106 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17107 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17108 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17109 "level": "A String", # Level is SELinux level label that applies to the container. +optional 17110 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 17111 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 17112 "user": "A String", # User is a SELinux user label that applies to the container. +optional 17113 }, 17114 }, 17115 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 17116 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 17117 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 17118 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 17119 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 17120 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 17121 { # volumeDevice describes a mapping of a raw block device within a container. 17122 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 17123 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 17124 }, 17125 ], 17126 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 17127 { # VolumeMount describes a mounting of a Volume within a container. 17128 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 17129 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 17130 "name": "A String", # This must match the Name of a Volume. 17131 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 17132 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 17133 }, 17134 ], 17135 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 17136 }, 17137 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 17138 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 17139 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 17140 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17141 "A String", 17142 ], 17143 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17144 "A String", 17145 ], 17146 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 17147 { # EnvVar represents an environment variable present in a Container. 17148 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 17149 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 17150 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 17151 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 17152 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 17153 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17154 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17155 }, 17156 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 17157 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 17158 }, 17159 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 17160 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 17161 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17162 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17163 }, 17164 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 17165 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 17166 }, 17167 }, 17168 }, 17169 ], 17170 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 17171 { # EnvFromSource represents the source of a set of ConfigMaps 17172 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 17173 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17174 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17175 }, 17176 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 17177 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 17178 }, 17179 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 17180 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 17181 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17182 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17183 }, 17184 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 17185 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 17186 }, 17187 }, 17188 ], 17189 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 17190 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 17191 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 17192 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17193 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17194 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17195 "A String", 17196 ], 17197 }, 17198 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17199 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17200 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17201 { # HTTPHeader describes a custom header to be used in HTTP probes 17202 "name": "A String", # The header field name 17203 "value": "A String", # The header field value 17204 }, 17205 ], 17206 "path": "A String", # Path to access on the HTTP server. +optional 17207 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17208 "intVal": 42, # The int value. 17209 "strVal": "A String", # The string value. 17210 "type": 42, # The type of the value. 17211 }, 17212 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17213 }, 17214 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17215 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17216 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17217 "intVal": 42, # The int value. 17218 "strVal": "A String", # The string value. 17219 "type": 42, # The type of the value. 17220 }, 17221 }, 17222 }, 17223 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17224 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17225 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17226 "A String", 17227 ], 17228 }, 17229 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17230 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17231 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17232 { # HTTPHeader describes a custom header to be used in HTTP probes 17233 "name": "A String", # The header field name 17234 "value": "A String", # The header field value 17235 }, 17236 ], 17237 "path": "A String", # Path to access on the HTTP server. +optional 17238 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17239 "intVal": 42, # The int value. 17240 "strVal": "A String", # The string value. 17241 "type": 42, # The type of the value. 17242 }, 17243 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17244 }, 17245 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17246 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17247 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17248 "intVal": 42, # The int value. 17249 "strVal": "A String", # The string value. 17250 "type": 42, # The type of the value. 17251 }, 17252 }, 17253 }, 17254 }, 17255 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17256 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17257 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17258 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17259 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17260 "A String", 17261 ], 17262 }, 17263 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17264 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17265 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17266 { # HTTPHeader describes a custom header to be used in HTTP probes 17267 "name": "A String", # The header field name 17268 "value": "A String", # The header field value 17269 }, 17270 ], 17271 "path": "A String", # Path to access on the HTTP server. +optional 17272 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17273 "intVal": 42, # The int value. 17274 "strVal": "A String", # The string value. 17275 "type": 42, # The type of the value. 17276 }, 17277 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17278 }, 17279 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17280 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17281 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17282 "intVal": 42, # The int value. 17283 "strVal": "A String", # The string value. 17284 "type": 42, # The type of the value. 17285 }, 17286 }, 17287 }, 17288 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17289 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17290 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17291 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17292 }, 17293 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 17294 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 17295 { # ContainerPort represents a network port in a single container. 17296 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 17297 "hostIP": "A String", # What host IP to bind the external port to. +optional 17298 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 17299 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 17300 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 17301 }, 17302 ], 17303 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17304 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17305 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17306 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17307 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17308 "A String", 17309 ], 17310 }, 17311 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17312 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17313 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17314 { # HTTPHeader describes a custom header to be used in HTTP probes 17315 "name": "A String", # The header field name 17316 "value": "A String", # The header field value 17317 }, 17318 ], 17319 "path": "A String", # Path to access on the HTTP server. +optional 17320 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17321 "intVal": 42, # The int value. 17322 "strVal": "A String", # The string value. 17323 "type": 42, # The type of the value. 17324 }, 17325 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17326 }, 17327 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17328 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17329 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17330 "intVal": 42, # The int value. 17331 "strVal": "A String", # The string value. 17332 "type": 42, # The type of the value. 17333 }, 17334 }, 17335 }, 17336 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17337 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17338 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17339 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17340 }, 17341 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17342 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17343 "a_key": "A String", 17344 }, 17345 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17346 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17347 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17348 }, 17349 }, 17350 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17351 "a_key": "A String", 17352 }, 17353 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 17354 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17355 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17356 }, 17357 }, 17358 }, 17359 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 17360 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 17361 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 17362 "add": [ # Added capabilities +optional 17363 "A String", 17364 ], 17365 "drop": [ # Removed capabilities +optional 17366 "A String", 17367 ], 17368 }, 17369 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 17370 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 17371 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17372 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17373 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17374 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17375 "level": "A String", # Level is SELinux level label that applies to the container. +optional 17376 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 17377 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 17378 "user": "A String", # User is a SELinux user label that applies to the container. +optional 17379 }, 17380 }, 17381 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 17382 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 17383 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 17384 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 17385 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 17386 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 17387 { # volumeDevice describes a mapping of a raw block device within a container. 17388 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 17389 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 17390 }, 17391 ], 17392 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 17393 { # VolumeMount describes a mounting of a Volume within a container. 17394 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 17395 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 17396 "name": "A String", # This must match the Name of a Volume. 17397 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 17398 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 17399 }, 17400 ], 17401 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 17402 }, 17403 ], 17404 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 17405 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 17406 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 17407 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 17408 "volumes": [ 17409 { # Volume represents a named volume in a container. 17410 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 17411 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 17412 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 17413 { # Maps a string key to a path within a volume. 17414 "key": "A String", # The key to project. 17415 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 17416 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 17417 }, 17418 ], 17419 "name": "A String", # Name of the config. 17420 "optional": True or False, # Specify whether the Secret or its keys must be defined. 17421 }, 17422 "name": "A String", # Volume's name. 17423 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 17424 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 17425 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 17426 { # Maps a string key to a path within a volume. 17427 "key": "A String", # The key to project. 17428 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 17429 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 17430 }, 17431 ], 17432 "optional": True or False, # Specify whether the Secret or its keys must be defined. 17433 "secretName": "A String", # Name of the secret in the container's namespace to use. 17434 }, 17435 }, 17436 ], 17437 }, 17438 }, 17439 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 17440 { # TrafficTarget holds a single entry of the routing table for a Route. 17441 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 17442 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 17443 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 17444 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 17445 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 17446 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 17447 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 17448 }, 17449 ], 17450 }, 17451 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 17452 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 17453 "hostname": "A String", # Deprecated - use url instead. 17454 "url": "A String", 17455 }, 17456 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 17457 { # ServiceCondition defines a readiness condition for a Service. 17458 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 17459 "message": "A String", # Human-readable message indicating details about last transition. +optional 17460 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 17461 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 17462 "status": "A String", # Status of the condition, one of True, False, Unknown. 17463 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 17464 }, 17465 ], 17466 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 17467 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 17468 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 17469 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 17470 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 17471 { # TrafficTarget holds a single entry of the routing table for a Route. 17472 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 17473 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 17474 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 17475 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 17476 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 17477 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 17478 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 17479 }, 17480 ], 17481 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 17482 }, 17483 }, 17484 ], 17485 "kind": "A String", # The kind of this resource, in this case "ServiceList". 17486 "metadata": { # ListMeta describes metadata that synthetic resources must have, including lists and various status objects. A resource may have only one of {ObjectMeta, ListMeta}. # Metadata associated with this Service list. 17487 "continue": "A String", # continue may be set if the user set a limit on the number of items returned, and indicates that the server has more data available. The value is opaque and may be used to issue another request to the endpoint that served this list to retrieve the next set of available objects. Continuing a list may not be possible if the server configuration has changed or more than a few minutes have passed. The resourceVersion field returned when using this continue value will be identical to the value in the first response. 17488 "resourceVersion": "A String", # String that identifies the server's internal version of this object that can be used by clients to determine when objects have changed. Value must be treated as opaque by clients and passed unmodified back to the server. Populated by the system. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 17489 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional 17490 }, 17491 "unreachable": [ # Locations that could not be reached. 17492 "A String", 17493 ], 17494}</pre> 17495</div> 17496 17497<div class="method"> 17498 <code class="details" id="replaceService">replaceService(name, body=None, x__xgafv=None)</code> 17499 <pre>Rpc to replace a service. Only the spec and metadata labels and annotations are modifiable. After the Update request, Cloud Run will work to make the 'status' match the requested 'spec'. May provide metadata.resourceVersion to enforce update from last read for optimistic concurrency control. 17500 17501Args: 17502 name: string, The name of the service being replaced. If needed, replace {namespace_id} with the project ID. (required) 17503 body: object, The request body. 17504 The object takes the form of: 17505 17506{ # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 17507 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 17508 "kind": "A String", # The kind of resource, in this case "Service". 17509 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 17510 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 17511 "a_key": "A String", 17512 }, 17513 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 17514 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17515 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 17516 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17517 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 17518 "A String", 17519 ], 17520 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 17521 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 17522 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 17523 "a_key": "A String", 17524 }, 17525 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 17526 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 17527 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 17528 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 17529 "apiVersion": "A String", # API version of the referent. 17530 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 17531 "controller": True or False, # If true, this reference points to the managing controller. +optional 17532 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 17533 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 17534 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 17535 }, 17536 ], 17537 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 17538 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 17539 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 17540 }, 17541 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 17542 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 17543 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 17544 }, 17545 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 17546 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 17547 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 17548 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 17549 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 17550 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 17551 "a_key": "A String", 17552 }, 17553 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 17554 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17555 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 17556 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 17557 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 17558 "A String", 17559 ], 17560 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 17561 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 17562 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 17563 "a_key": "A String", 17564 }, 17565 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 17566 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 17567 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 17568 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 17569 "apiVersion": "A String", # API version of the referent. 17570 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 17571 "controller": True or False, # If true, this reference points to the managing controller. +optional 17572 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 17573 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 17574 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 17575 }, 17576 ], 17577 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 17578 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 17579 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 17580 }, 17581 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 17582 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 17583 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 17584 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17585 "A String", 17586 ], 17587 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17588 "A String", 17589 ], 17590 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 17591 { # EnvVar represents an environment variable present in a Container. 17592 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 17593 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 17594 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 17595 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 17596 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 17597 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17598 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17599 }, 17600 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 17601 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 17602 }, 17603 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 17604 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 17605 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17606 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17607 }, 17608 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 17609 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 17610 }, 17611 }, 17612 }, 17613 ], 17614 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 17615 { # EnvFromSource represents the source of a set of ConfigMaps 17616 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 17617 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17618 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17619 }, 17620 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 17621 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 17622 }, 17623 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 17624 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 17625 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17626 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17627 }, 17628 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 17629 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 17630 }, 17631 }, 17632 ], 17633 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 17634 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 17635 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 17636 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17637 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17638 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17639 "A String", 17640 ], 17641 }, 17642 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17643 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17644 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17645 { # HTTPHeader describes a custom header to be used in HTTP probes 17646 "name": "A String", # The header field name 17647 "value": "A String", # The header field value 17648 }, 17649 ], 17650 "path": "A String", # Path to access on the HTTP server. +optional 17651 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17652 "intVal": 42, # The int value. 17653 "strVal": "A String", # The string value. 17654 "type": 42, # The type of the value. 17655 }, 17656 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17657 }, 17658 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17659 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17660 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17661 "intVal": 42, # The int value. 17662 "strVal": "A String", # The string value. 17663 "type": 42, # The type of the value. 17664 }, 17665 }, 17666 }, 17667 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17668 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17669 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17670 "A String", 17671 ], 17672 }, 17673 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17674 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17675 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17676 { # HTTPHeader describes a custom header to be used in HTTP probes 17677 "name": "A String", # The header field name 17678 "value": "A String", # The header field value 17679 }, 17680 ], 17681 "path": "A String", # Path to access on the HTTP server. +optional 17682 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17683 "intVal": 42, # The int value. 17684 "strVal": "A String", # The string value. 17685 "type": 42, # The type of the value. 17686 }, 17687 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17688 }, 17689 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17690 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17691 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17692 "intVal": 42, # The int value. 17693 "strVal": "A String", # The string value. 17694 "type": 42, # The type of the value. 17695 }, 17696 }, 17697 }, 17698 }, 17699 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17700 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17701 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17702 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17703 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17704 "A String", 17705 ], 17706 }, 17707 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17708 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17709 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17710 { # HTTPHeader describes a custom header to be used in HTTP probes 17711 "name": "A String", # The header field name 17712 "value": "A String", # The header field value 17713 }, 17714 ], 17715 "path": "A String", # Path to access on the HTTP server. +optional 17716 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17717 "intVal": 42, # The int value. 17718 "strVal": "A String", # The string value. 17719 "type": 42, # The type of the value. 17720 }, 17721 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17722 }, 17723 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17724 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17725 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17726 "intVal": 42, # The int value. 17727 "strVal": "A String", # The string value. 17728 "type": 42, # The type of the value. 17729 }, 17730 }, 17731 }, 17732 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17733 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17734 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17735 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17736 }, 17737 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 17738 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 17739 { # ContainerPort represents a network port in a single container. 17740 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 17741 "hostIP": "A String", # What host IP to bind the external port to. +optional 17742 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 17743 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 17744 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 17745 }, 17746 ], 17747 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17748 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17749 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17750 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17751 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17752 "A String", 17753 ], 17754 }, 17755 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17756 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17757 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17758 { # HTTPHeader describes a custom header to be used in HTTP probes 17759 "name": "A String", # The header field name 17760 "value": "A String", # The header field value 17761 }, 17762 ], 17763 "path": "A String", # Path to access on the HTTP server. +optional 17764 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17765 "intVal": 42, # The int value. 17766 "strVal": "A String", # The string value. 17767 "type": 42, # The type of the value. 17768 }, 17769 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17770 }, 17771 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17772 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17773 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17774 "intVal": 42, # The int value. 17775 "strVal": "A String", # The string value. 17776 "type": 42, # The type of the value. 17777 }, 17778 }, 17779 }, 17780 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17781 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 17782 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 17783 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17784 }, 17785 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 17786 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17787 "a_key": "A String", 17788 }, 17789 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 17790 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17791 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17792 }, 17793 }, 17794 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 17795 "a_key": "A String", 17796 }, 17797 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 17798 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 17799 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 17800 }, 17801 }, 17802 }, 17803 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 17804 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 17805 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 17806 "add": [ # Added capabilities +optional 17807 "A String", 17808 ], 17809 "drop": [ # Removed capabilities +optional 17810 "A String", 17811 ], 17812 }, 17813 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 17814 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 17815 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17816 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17817 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17818 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 17819 "level": "A String", # Level is SELinux level label that applies to the container. +optional 17820 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 17821 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 17822 "user": "A String", # User is a SELinux user label that applies to the container. +optional 17823 }, 17824 }, 17825 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 17826 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 17827 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 17828 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 17829 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 17830 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 17831 { # volumeDevice describes a mapping of a raw block device within a container. 17832 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 17833 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 17834 }, 17835 ], 17836 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 17837 { # VolumeMount describes a mounting of a Volume within a container. 17838 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 17839 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 17840 "name": "A String", # This must match the Name of a Volume. 17841 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 17842 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 17843 }, 17844 ], 17845 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 17846 }, 17847 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 17848 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 17849 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 17850 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17851 "A String", 17852 ], 17853 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 17854 "A String", 17855 ], 17856 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 17857 { # EnvVar represents an environment variable present in a Container. 17858 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 17859 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 17860 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 17861 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 17862 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 17863 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17864 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17865 }, 17866 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 17867 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 17868 }, 17869 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 17870 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 17871 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17872 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17873 }, 17874 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 17875 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 17876 }, 17877 }, 17878 }, 17879 ], 17880 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 17881 { # EnvFromSource represents the source of a set of ConfigMaps 17882 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 17883 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17884 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17885 }, 17886 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 17887 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 17888 }, 17889 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 17890 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 17891 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 17892 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 17893 }, 17894 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 17895 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 17896 }, 17897 }, 17898 ], 17899 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 17900 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 17901 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 17902 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17903 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17904 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17905 "A String", 17906 ], 17907 }, 17908 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17909 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17910 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17911 { # HTTPHeader describes a custom header to be used in HTTP probes 17912 "name": "A String", # The header field name 17913 "value": "A String", # The header field value 17914 }, 17915 ], 17916 "path": "A String", # Path to access on the HTTP server. +optional 17917 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17918 "intVal": 42, # The int value. 17919 "strVal": "A String", # The string value. 17920 "type": 42, # The type of the value. 17921 }, 17922 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17923 }, 17924 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17925 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17926 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17927 "intVal": 42, # The int value. 17928 "strVal": "A String", # The string value. 17929 "type": 42, # The type of the value. 17930 }, 17931 }, 17932 }, 17933 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 17934 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17935 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17936 "A String", 17937 ], 17938 }, 17939 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17940 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17941 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17942 { # HTTPHeader describes a custom header to be used in HTTP probes 17943 "name": "A String", # The header field name 17944 "value": "A String", # The header field value 17945 }, 17946 ], 17947 "path": "A String", # Path to access on the HTTP server. +optional 17948 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17949 "intVal": 42, # The int value. 17950 "strVal": "A String", # The string value. 17951 "type": 42, # The type of the value. 17952 }, 17953 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17954 }, 17955 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17956 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17957 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17958 "intVal": 42, # The int value. 17959 "strVal": "A String", # The string value. 17960 "type": 42, # The type of the value. 17961 }, 17962 }, 17963 }, 17964 }, 17965 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17966 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 17967 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 17968 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 17969 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 17970 "A String", 17971 ], 17972 }, 17973 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 17974 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 17975 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 17976 { # HTTPHeader describes a custom header to be used in HTTP probes 17977 "name": "A String", # The header field name 17978 "value": "A String", # The header field value 17979 }, 17980 ], 17981 "path": "A String", # Path to access on the HTTP server. +optional 17982 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17983 "intVal": 42, # The int value. 17984 "strVal": "A String", # The string value. 17985 "type": 42, # The type of the value. 17986 }, 17987 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 17988 }, 17989 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 17990 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 17991 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 17992 "intVal": 42, # The int value. 17993 "strVal": "A String", # The string value. 17994 "type": 42, # The type of the value. 17995 }, 17996 }, 17997 }, 17998 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 17999 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18000 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18001 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18002 }, 18003 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18004 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18005 { # ContainerPort represents a network port in a single container. 18006 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18007 "hostIP": "A String", # What host IP to bind the external port to. +optional 18008 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18009 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18010 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18011 }, 18012 ], 18013 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18014 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18015 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18016 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18017 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18018 "A String", 18019 ], 18020 }, 18021 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18022 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18023 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18024 { # HTTPHeader describes a custom header to be used in HTTP probes 18025 "name": "A String", # The header field name 18026 "value": "A String", # The header field value 18027 }, 18028 ], 18029 "path": "A String", # Path to access on the HTTP server. +optional 18030 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18031 "intVal": 42, # The int value. 18032 "strVal": "A String", # The string value. 18033 "type": 42, # The type of the value. 18034 }, 18035 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18036 }, 18037 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18038 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18039 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18040 "intVal": 42, # The int value. 18041 "strVal": "A String", # The string value. 18042 "type": 42, # The type of the value. 18043 }, 18044 }, 18045 }, 18046 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18047 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18048 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18049 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18050 }, 18051 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18052 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18053 "a_key": "A String", 18054 }, 18055 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18056 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18057 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18058 }, 18059 }, 18060 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18061 "a_key": "A String", 18062 }, 18063 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18064 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18065 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18066 }, 18067 }, 18068 }, 18069 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18070 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18071 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18072 "add": [ # Added capabilities +optional 18073 "A String", 18074 ], 18075 "drop": [ # Removed capabilities +optional 18076 "A String", 18077 ], 18078 }, 18079 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18080 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18081 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18082 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18083 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18084 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18085 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18086 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18087 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18088 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18089 }, 18090 }, 18091 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18092 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18093 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18094 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18095 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18096 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18097 { # volumeDevice describes a mapping of a raw block device within a container. 18098 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18099 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18100 }, 18101 ], 18102 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18103 { # VolumeMount describes a mounting of a Volume within a container. 18104 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18105 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18106 "name": "A String", # This must match the Name of a Volume. 18107 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18108 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18109 }, 18110 ], 18111 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18112 }, 18113 ], 18114 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 18115 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 18116 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 18117 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 18118 "volumes": [ 18119 { # Volume represents a named volume in a container. 18120 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 18121 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18122 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18123 { # Maps a string key to a path within a volume. 18124 "key": "A String", # The key to project. 18125 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18126 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18127 }, 18128 ], 18129 "name": "A String", # Name of the config. 18130 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18131 }, 18132 "name": "A String", # Volume's name. 18133 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 18134 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18135 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18136 { # Maps a string key to a path within a volume. 18137 "key": "A String", # The key to project. 18138 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18139 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18140 }, 18141 ], 18142 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18143 "secretName": "A String", # Name of the secret in the container's namespace to use. 18144 }, 18145 }, 18146 ], 18147 }, 18148 }, 18149 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 18150 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 18151 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 18152 "a_key": "A String", 18153 }, 18154 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 18155 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18156 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 18157 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18158 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 18159 "A String", 18160 ], 18161 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 18162 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 18163 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 18164 "a_key": "A String", 18165 }, 18166 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 18167 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 18168 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 18169 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 18170 "apiVersion": "A String", # API version of the referent. 18171 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 18172 "controller": True or False, # If true, this reference points to the managing controller. +optional 18173 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 18174 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 18175 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 18176 }, 18177 ], 18178 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 18179 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 18180 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 18181 }, 18182 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 18183 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 18184 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 18185 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18186 "A String", 18187 ], 18188 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18189 "A String", 18190 ], 18191 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 18192 { # EnvVar represents an environment variable present in a Container. 18193 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 18194 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 18195 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 18196 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 18197 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 18198 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18199 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18200 }, 18201 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 18202 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 18203 }, 18204 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 18205 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 18206 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18207 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18208 }, 18209 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 18210 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 18211 }, 18212 }, 18213 }, 18214 ], 18215 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 18216 { # EnvFromSource represents the source of a set of ConfigMaps 18217 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 18218 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18219 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18220 }, 18221 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 18222 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 18223 }, 18224 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 18225 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 18226 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18227 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18228 }, 18229 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 18230 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 18231 }, 18232 }, 18233 ], 18234 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 18235 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 18236 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 18237 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18238 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18239 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18240 "A String", 18241 ], 18242 }, 18243 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18244 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18245 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18246 { # HTTPHeader describes a custom header to be used in HTTP probes 18247 "name": "A String", # The header field name 18248 "value": "A String", # The header field value 18249 }, 18250 ], 18251 "path": "A String", # Path to access on the HTTP server. +optional 18252 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18253 "intVal": 42, # The int value. 18254 "strVal": "A String", # The string value. 18255 "type": 42, # The type of the value. 18256 }, 18257 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18258 }, 18259 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18260 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18261 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18262 "intVal": 42, # The int value. 18263 "strVal": "A String", # The string value. 18264 "type": 42, # The type of the value. 18265 }, 18266 }, 18267 }, 18268 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18269 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18270 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18271 "A String", 18272 ], 18273 }, 18274 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18275 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18276 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18277 { # HTTPHeader describes a custom header to be used in HTTP probes 18278 "name": "A String", # The header field name 18279 "value": "A String", # The header field value 18280 }, 18281 ], 18282 "path": "A String", # Path to access on the HTTP server. +optional 18283 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18284 "intVal": 42, # The int value. 18285 "strVal": "A String", # The string value. 18286 "type": 42, # The type of the value. 18287 }, 18288 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18289 }, 18290 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18291 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18292 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18293 "intVal": 42, # The int value. 18294 "strVal": "A String", # The string value. 18295 "type": 42, # The type of the value. 18296 }, 18297 }, 18298 }, 18299 }, 18300 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18301 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18302 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18303 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18304 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18305 "A String", 18306 ], 18307 }, 18308 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18309 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18310 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18311 { # HTTPHeader describes a custom header to be used in HTTP probes 18312 "name": "A String", # The header field name 18313 "value": "A String", # The header field value 18314 }, 18315 ], 18316 "path": "A String", # Path to access on the HTTP server. +optional 18317 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18318 "intVal": 42, # The int value. 18319 "strVal": "A String", # The string value. 18320 "type": 42, # The type of the value. 18321 }, 18322 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18323 }, 18324 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18325 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18326 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18327 "intVal": 42, # The int value. 18328 "strVal": "A String", # The string value. 18329 "type": 42, # The type of the value. 18330 }, 18331 }, 18332 }, 18333 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18334 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18335 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18336 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18337 }, 18338 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18339 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18340 { # ContainerPort represents a network port in a single container. 18341 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18342 "hostIP": "A String", # What host IP to bind the external port to. +optional 18343 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18344 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18345 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18346 }, 18347 ], 18348 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18349 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18350 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18351 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18352 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18353 "A String", 18354 ], 18355 }, 18356 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18357 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18358 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18359 { # HTTPHeader describes a custom header to be used in HTTP probes 18360 "name": "A String", # The header field name 18361 "value": "A String", # The header field value 18362 }, 18363 ], 18364 "path": "A String", # Path to access on the HTTP server. +optional 18365 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18366 "intVal": 42, # The int value. 18367 "strVal": "A String", # The string value. 18368 "type": 42, # The type of the value. 18369 }, 18370 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18371 }, 18372 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18373 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18374 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18375 "intVal": 42, # The int value. 18376 "strVal": "A String", # The string value. 18377 "type": 42, # The type of the value. 18378 }, 18379 }, 18380 }, 18381 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18382 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18383 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18384 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18385 }, 18386 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18387 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18388 "a_key": "A String", 18389 }, 18390 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18391 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18392 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18393 }, 18394 }, 18395 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18396 "a_key": "A String", 18397 }, 18398 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18399 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18400 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18401 }, 18402 }, 18403 }, 18404 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18405 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18406 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18407 "add": [ # Added capabilities +optional 18408 "A String", 18409 ], 18410 "drop": [ # Removed capabilities +optional 18411 "A String", 18412 ], 18413 }, 18414 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18415 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18416 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18417 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18418 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18419 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18420 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18421 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18422 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18423 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18424 }, 18425 }, 18426 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18427 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18428 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18429 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18430 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18431 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18432 { # volumeDevice describes a mapping of a raw block device within a container. 18433 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18434 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18435 }, 18436 ], 18437 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18438 { # VolumeMount describes a mounting of a Volume within a container. 18439 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18440 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18441 "name": "A String", # This must match the Name of a Volume. 18442 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18443 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18444 }, 18445 ], 18446 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18447 }, 18448 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 18449 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 18450 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 18451 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18452 "A String", 18453 ], 18454 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18455 "A String", 18456 ], 18457 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 18458 { # EnvVar represents an environment variable present in a Container. 18459 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 18460 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 18461 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 18462 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 18463 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 18464 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18465 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18466 }, 18467 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 18468 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 18469 }, 18470 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 18471 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 18472 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18473 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18474 }, 18475 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 18476 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 18477 }, 18478 }, 18479 }, 18480 ], 18481 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 18482 { # EnvFromSource represents the source of a set of ConfigMaps 18483 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 18484 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18485 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18486 }, 18487 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 18488 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 18489 }, 18490 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 18491 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 18492 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18493 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18494 }, 18495 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 18496 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 18497 }, 18498 }, 18499 ], 18500 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 18501 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 18502 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 18503 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18504 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18505 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18506 "A String", 18507 ], 18508 }, 18509 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18510 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18511 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18512 { # HTTPHeader describes a custom header to be used in HTTP probes 18513 "name": "A String", # The header field name 18514 "value": "A String", # The header field value 18515 }, 18516 ], 18517 "path": "A String", # Path to access on the HTTP server. +optional 18518 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18519 "intVal": 42, # The int value. 18520 "strVal": "A String", # The string value. 18521 "type": 42, # The type of the value. 18522 }, 18523 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18524 }, 18525 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18526 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18527 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18528 "intVal": 42, # The int value. 18529 "strVal": "A String", # The string value. 18530 "type": 42, # The type of the value. 18531 }, 18532 }, 18533 }, 18534 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18535 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18536 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18537 "A String", 18538 ], 18539 }, 18540 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18541 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18542 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18543 { # HTTPHeader describes a custom header to be used in HTTP probes 18544 "name": "A String", # The header field name 18545 "value": "A String", # The header field value 18546 }, 18547 ], 18548 "path": "A String", # Path to access on the HTTP server. +optional 18549 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18550 "intVal": 42, # The int value. 18551 "strVal": "A String", # The string value. 18552 "type": 42, # The type of the value. 18553 }, 18554 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18555 }, 18556 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18557 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18558 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18559 "intVal": 42, # The int value. 18560 "strVal": "A String", # The string value. 18561 "type": 42, # The type of the value. 18562 }, 18563 }, 18564 }, 18565 }, 18566 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18567 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18568 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18569 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18570 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18571 "A String", 18572 ], 18573 }, 18574 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18575 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18576 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18577 { # HTTPHeader describes a custom header to be used in HTTP probes 18578 "name": "A String", # The header field name 18579 "value": "A String", # The header field value 18580 }, 18581 ], 18582 "path": "A String", # Path to access on the HTTP server. +optional 18583 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18584 "intVal": 42, # The int value. 18585 "strVal": "A String", # The string value. 18586 "type": 42, # The type of the value. 18587 }, 18588 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18589 }, 18590 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18591 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18592 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18593 "intVal": 42, # The int value. 18594 "strVal": "A String", # The string value. 18595 "type": 42, # The type of the value. 18596 }, 18597 }, 18598 }, 18599 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18600 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18601 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18602 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18603 }, 18604 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18605 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18606 { # ContainerPort represents a network port in a single container. 18607 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18608 "hostIP": "A String", # What host IP to bind the external port to. +optional 18609 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18610 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18611 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18612 }, 18613 ], 18614 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18615 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18616 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18617 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18618 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18619 "A String", 18620 ], 18621 }, 18622 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18623 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18624 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18625 { # HTTPHeader describes a custom header to be used in HTTP probes 18626 "name": "A String", # The header field name 18627 "value": "A String", # The header field value 18628 }, 18629 ], 18630 "path": "A String", # Path to access on the HTTP server. +optional 18631 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18632 "intVal": 42, # The int value. 18633 "strVal": "A String", # The string value. 18634 "type": 42, # The type of the value. 18635 }, 18636 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18637 }, 18638 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18639 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18640 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18641 "intVal": 42, # The int value. 18642 "strVal": "A String", # The string value. 18643 "type": 42, # The type of the value. 18644 }, 18645 }, 18646 }, 18647 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18648 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18649 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18650 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18651 }, 18652 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18653 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18654 "a_key": "A String", 18655 }, 18656 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18657 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18658 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18659 }, 18660 }, 18661 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18662 "a_key": "A String", 18663 }, 18664 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 18665 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18666 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 18667 }, 18668 }, 18669 }, 18670 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 18671 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 18672 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 18673 "add": [ # Added capabilities +optional 18674 "A String", 18675 ], 18676 "drop": [ # Removed capabilities +optional 18677 "A String", 18678 ], 18679 }, 18680 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 18681 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 18682 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18683 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18684 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18685 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 18686 "level": "A String", # Level is SELinux level label that applies to the container. +optional 18687 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 18688 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 18689 "user": "A String", # User is a SELinux user label that applies to the container. +optional 18690 }, 18691 }, 18692 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 18693 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 18694 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 18695 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 18696 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 18697 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 18698 { # volumeDevice describes a mapping of a raw block device within a container. 18699 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 18700 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 18701 }, 18702 ], 18703 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 18704 { # VolumeMount describes a mounting of a Volume within a container. 18705 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 18706 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 18707 "name": "A String", # This must match the Name of a Volume. 18708 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 18709 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 18710 }, 18711 ], 18712 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 18713 }, 18714 ], 18715 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 18716 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 18717 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 18718 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 18719 "volumes": [ 18720 { # Volume represents a named volume in a container. 18721 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 18722 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18723 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18724 { # Maps a string key to a path within a volume. 18725 "key": "A String", # The key to project. 18726 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18727 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18728 }, 18729 ], 18730 "name": "A String", # Name of the config. 18731 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18732 }, 18733 "name": "A String", # Volume's name. 18734 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 18735 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 18736 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 18737 { # Maps a string key to a path within a volume. 18738 "key": "A String", # The key to project. 18739 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 18740 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 18741 }, 18742 ], 18743 "optional": True or False, # Specify whether the Secret or its keys must be defined. 18744 "secretName": "A String", # Name of the secret in the container's namespace to use. 18745 }, 18746 }, 18747 ], 18748 }, 18749 }, 18750 }, 18751 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 18752 }, 18753 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 18754 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 18755 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 18756 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 18757 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 18758 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 18759 "a_key": "A String", 18760 }, 18761 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 18762 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18763 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 18764 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 18765 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 18766 "A String", 18767 ], 18768 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 18769 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 18770 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 18771 "a_key": "A String", 18772 }, 18773 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 18774 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 18775 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 18776 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 18777 "apiVersion": "A String", # API version of the referent. 18778 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 18779 "controller": True or False, # If true, this reference points to the managing controller. +optional 18780 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 18781 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 18782 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 18783 }, 18784 ], 18785 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 18786 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 18787 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 18788 }, 18789 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 18790 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 18791 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 18792 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18793 "A String", 18794 ], 18795 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 18796 "A String", 18797 ], 18798 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 18799 { # EnvVar represents an environment variable present in a Container. 18800 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 18801 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 18802 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 18803 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 18804 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 18805 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18806 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18807 }, 18808 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 18809 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 18810 }, 18811 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 18812 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 18813 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18814 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18815 }, 18816 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 18817 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 18818 }, 18819 }, 18820 }, 18821 ], 18822 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 18823 { # EnvFromSource represents the source of a set of ConfigMaps 18824 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 18825 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18826 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18827 }, 18828 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 18829 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 18830 }, 18831 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 18832 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 18833 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 18834 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 18835 }, 18836 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 18837 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 18838 }, 18839 }, 18840 ], 18841 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 18842 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 18843 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 18844 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18845 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18846 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18847 "A String", 18848 ], 18849 }, 18850 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18851 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18852 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18853 { # HTTPHeader describes a custom header to be used in HTTP probes 18854 "name": "A String", # The header field name 18855 "value": "A String", # The header field value 18856 }, 18857 ], 18858 "path": "A String", # Path to access on the HTTP server. +optional 18859 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18860 "intVal": 42, # The int value. 18861 "strVal": "A String", # The string value. 18862 "type": 42, # The type of the value. 18863 }, 18864 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18865 }, 18866 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18867 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18868 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18869 "intVal": 42, # The int value. 18870 "strVal": "A String", # The string value. 18871 "type": 42, # The type of the value. 18872 }, 18873 }, 18874 }, 18875 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 18876 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18877 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18878 "A String", 18879 ], 18880 }, 18881 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18882 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18883 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18884 { # HTTPHeader describes a custom header to be used in HTTP probes 18885 "name": "A String", # The header field name 18886 "value": "A String", # The header field value 18887 }, 18888 ], 18889 "path": "A String", # Path to access on the HTTP server. +optional 18890 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18891 "intVal": 42, # The int value. 18892 "strVal": "A String", # The string value. 18893 "type": 42, # The type of the value. 18894 }, 18895 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18896 }, 18897 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18898 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18899 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18900 "intVal": 42, # The int value. 18901 "strVal": "A String", # The string value. 18902 "type": 42, # The type of the value. 18903 }, 18904 }, 18905 }, 18906 }, 18907 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18908 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18909 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18910 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18911 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18912 "A String", 18913 ], 18914 }, 18915 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18916 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18917 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18918 { # HTTPHeader describes a custom header to be used in HTTP probes 18919 "name": "A String", # The header field name 18920 "value": "A String", # The header field value 18921 }, 18922 ], 18923 "path": "A String", # Path to access on the HTTP server. +optional 18924 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18925 "intVal": 42, # The int value. 18926 "strVal": "A String", # The string value. 18927 "type": 42, # The type of the value. 18928 }, 18929 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18930 }, 18931 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18932 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18933 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18934 "intVal": 42, # The int value. 18935 "strVal": "A String", # The string value. 18936 "type": 42, # The type of the value. 18937 }, 18938 }, 18939 }, 18940 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18941 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18942 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18943 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18944 }, 18945 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 18946 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 18947 { # ContainerPort represents a network port in a single container. 18948 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 18949 "hostIP": "A String", # What host IP to bind the external port to. +optional 18950 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 18951 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 18952 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 18953 }, 18954 ], 18955 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18956 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 18957 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 18958 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 18959 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 18960 "A String", 18961 ], 18962 }, 18963 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 18964 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 18965 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 18966 { # HTTPHeader describes a custom header to be used in HTTP probes 18967 "name": "A String", # The header field name 18968 "value": "A String", # The header field value 18969 }, 18970 ], 18971 "path": "A String", # Path to access on the HTTP server. +optional 18972 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18973 "intVal": 42, # The int value. 18974 "strVal": "A String", # The string value. 18975 "type": 42, # The type of the value. 18976 }, 18977 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 18978 }, 18979 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 18980 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 18981 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 18982 "intVal": 42, # The int value. 18983 "strVal": "A String", # The string value. 18984 "type": 42, # The type of the value. 18985 }, 18986 }, 18987 }, 18988 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18989 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 18990 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 18991 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 18992 }, 18993 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 18994 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 18995 "a_key": "A String", 18996 }, 18997 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 18998 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 18999 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19000 }, 19001 }, 19002 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19003 "a_key": "A String", 19004 }, 19005 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19006 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19007 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19008 }, 19009 }, 19010 }, 19011 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19012 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19013 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19014 "add": [ # Added capabilities +optional 19015 "A String", 19016 ], 19017 "drop": [ # Removed capabilities +optional 19018 "A String", 19019 ], 19020 }, 19021 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19022 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19023 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19024 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19025 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19026 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19027 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19028 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19029 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19030 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19031 }, 19032 }, 19033 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19034 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19035 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19036 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19037 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19038 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19039 { # volumeDevice describes a mapping of a raw block device within a container. 19040 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19041 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19042 }, 19043 ], 19044 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19045 { # VolumeMount describes a mounting of a Volume within a container. 19046 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19047 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19048 "name": "A String", # This must match the Name of a Volume. 19049 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19050 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19051 }, 19052 ], 19053 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19054 }, 19055 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 19056 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 19057 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 19058 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19059 "A String", 19060 ], 19061 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19062 "A String", 19063 ], 19064 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19065 { # EnvVar represents an environment variable present in a Container. 19066 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19067 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19068 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19069 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19070 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19071 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19072 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19073 }, 19074 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19075 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19076 }, 19077 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19078 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19079 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19080 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19081 }, 19082 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19083 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19084 }, 19085 }, 19086 }, 19087 ], 19088 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19089 { # EnvFromSource represents the source of a set of ConfigMaps 19090 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19091 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19092 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19093 }, 19094 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19095 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19096 }, 19097 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19098 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19099 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19100 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19101 }, 19102 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19103 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19104 }, 19105 }, 19106 ], 19107 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19108 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19109 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19110 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19111 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19112 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19113 "A String", 19114 ], 19115 }, 19116 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19117 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19118 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19119 { # HTTPHeader describes a custom header to be used in HTTP probes 19120 "name": "A String", # The header field name 19121 "value": "A String", # The header field value 19122 }, 19123 ], 19124 "path": "A String", # Path to access on the HTTP server. +optional 19125 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19126 "intVal": 42, # The int value. 19127 "strVal": "A String", # The string value. 19128 "type": 42, # The type of the value. 19129 }, 19130 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19131 }, 19132 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19133 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19134 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19135 "intVal": 42, # The int value. 19136 "strVal": "A String", # The string value. 19137 "type": 42, # The type of the value. 19138 }, 19139 }, 19140 }, 19141 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19142 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19143 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19144 "A String", 19145 ], 19146 }, 19147 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19148 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19149 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19150 { # HTTPHeader describes a custom header to be used in HTTP probes 19151 "name": "A String", # The header field name 19152 "value": "A String", # The header field value 19153 }, 19154 ], 19155 "path": "A String", # Path to access on the HTTP server. +optional 19156 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19157 "intVal": 42, # The int value. 19158 "strVal": "A String", # The string value. 19159 "type": 42, # The type of the value. 19160 }, 19161 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19162 }, 19163 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19164 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19165 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19166 "intVal": 42, # The int value. 19167 "strVal": "A String", # The string value. 19168 "type": 42, # The type of the value. 19169 }, 19170 }, 19171 }, 19172 }, 19173 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19174 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19175 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19176 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19177 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19178 "A String", 19179 ], 19180 }, 19181 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19182 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19183 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19184 { # HTTPHeader describes a custom header to be used in HTTP probes 19185 "name": "A String", # The header field name 19186 "value": "A String", # The header field value 19187 }, 19188 ], 19189 "path": "A String", # Path to access on the HTTP server. +optional 19190 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19191 "intVal": 42, # The int value. 19192 "strVal": "A String", # The string value. 19193 "type": 42, # The type of the value. 19194 }, 19195 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19196 }, 19197 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19198 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19199 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19200 "intVal": 42, # The int value. 19201 "strVal": "A String", # The string value. 19202 "type": 42, # The type of the value. 19203 }, 19204 }, 19205 }, 19206 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19207 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19208 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19209 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19210 }, 19211 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 19212 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 19213 { # ContainerPort represents a network port in a single container. 19214 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 19215 "hostIP": "A String", # What host IP to bind the external port to. +optional 19216 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 19217 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 19218 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 19219 }, 19220 ], 19221 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19222 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19223 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19224 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19225 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19226 "A String", 19227 ], 19228 }, 19229 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19230 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19231 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19232 { # HTTPHeader describes a custom header to be used in HTTP probes 19233 "name": "A String", # The header field name 19234 "value": "A String", # The header field value 19235 }, 19236 ], 19237 "path": "A String", # Path to access on the HTTP server. +optional 19238 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19239 "intVal": 42, # The int value. 19240 "strVal": "A String", # The string value. 19241 "type": 42, # The type of the value. 19242 }, 19243 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19244 }, 19245 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19246 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19247 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19248 "intVal": 42, # The int value. 19249 "strVal": "A String", # The string value. 19250 "type": 42, # The type of the value. 19251 }, 19252 }, 19253 }, 19254 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19255 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19256 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19257 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19258 }, 19259 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 19260 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19261 "a_key": "A String", 19262 }, 19263 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 19264 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19265 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19266 }, 19267 }, 19268 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19269 "a_key": "A String", 19270 }, 19271 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19272 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19273 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19274 }, 19275 }, 19276 }, 19277 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19278 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19279 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19280 "add": [ # Added capabilities +optional 19281 "A String", 19282 ], 19283 "drop": [ # Removed capabilities +optional 19284 "A String", 19285 ], 19286 }, 19287 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19288 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19289 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19290 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19291 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19292 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19293 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19294 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19295 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19296 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19297 }, 19298 }, 19299 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19300 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19301 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19302 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19303 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19304 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19305 { # volumeDevice describes a mapping of a raw block device within a container. 19306 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19307 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19308 }, 19309 ], 19310 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19311 { # VolumeMount describes a mounting of a Volume within a container. 19312 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19313 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19314 "name": "A String", # This must match the Name of a Volume. 19315 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19316 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19317 }, 19318 ], 19319 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19320 }, 19321 ], 19322 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 19323 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 19324 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 19325 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 19326 "volumes": [ 19327 { # Volume represents a named volume in a container. 19328 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 19329 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19330 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19331 { # Maps a string key to a path within a volume. 19332 "key": "A String", # The key to project. 19333 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19334 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19335 }, 19336 ], 19337 "name": "A String", # Name of the config. 19338 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19339 }, 19340 "name": "A String", # Volume's name. 19341 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 19342 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19343 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19344 { # Maps a string key to a path within a volume. 19345 "key": "A String", # The key to project. 19346 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19347 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19348 }, 19349 ], 19350 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19351 "secretName": "A String", # Name of the secret in the container's namespace to use. 19352 }, 19353 }, 19354 ], 19355 }, 19356 }, 19357 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 19358 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 19359 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 19360 "a_key": "A String", 19361 }, 19362 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 19363 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19364 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 19365 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19366 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 19367 "A String", 19368 ], 19369 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 19370 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 19371 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 19372 "a_key": "A String", 19373 }, 19374 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 19375 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 19376 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 19377 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 19378 "apiVersion": "A String", # API version of the referent. 19379 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 19380 "controller": True or False, # If true, this reference points to the managing controller. +optional 19381 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 19382 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 19383 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 19384 }, 19385 ], 19386 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 19387 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 19388 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 19389 }, 19390 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 19391 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 19392 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 19393 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19394 "A String", 19395 ], 19396 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19397 "A String", 19398 ], 19399 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19400 { # EnvVar represents an environment variable present in a Container. 19401 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19402 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19403 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19404 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19405 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19406 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19407 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19408 }, 19409 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19410 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19411 }, 19412 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19413 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19414 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19415 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19416 }, 19417 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19418 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19419 }, 19420 }, 19421 }, 19422 ], 19423 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19424 { # EnvFromSource represents the source of a set of ConfigMaps 19425 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19426 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19427 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19428 }, 19429 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19430 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19431 }, 19432 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19433 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19434 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19435 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19436 }, 19437 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19438 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19439 }, 19440 }, 19441 ], 19442 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19443 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19444 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19445 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19446 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19447 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19448 "A String", 19449 ], 19450 }, 19451 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19452 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19453 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19454 { # HTTPHeader describes a custom header to be used in HTTP probes 19455 "name": "A String", # The header field name 19456 "value": "A String", # The header field value 19457 }, 19458 ], 19459 "path": "A String", # Path to access on the HTTP server. +optional 19460 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19461 "intVal": 42, # The int value. 19462 "strVal": "A String", # The string value. 19463 "type": 42, # The type of the value. 19464 }, 19465 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19466 }, 19467 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19468 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19469 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19470 "intVal": 42, # The int value. 19471 "strVal": "A String", # The string value. 19472 "type": 42, # The type of the value. 19473 }, 19474 }, 19475 }, 19476 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19477 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19478 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19479 "A String", 19480 ], 19481 }, 19482 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19483 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19484 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19485 { # HTTPHeader describes a custom header to be used in HTTP probes 19486 "name": "A String", # The header field name 19487 "value": "A String", # The header field value 19488 }, 19489 ], 19490 "path": "A String", # Path to access on the HTTP server. +optional 19491 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19492 "intVal": 42, # The int value. 19493 "strVal": "A String", # The string value. 19494 "type": 42, # The type of the value. 19495 }, 19496 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19497 }, 19498 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19499 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19500 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19501 "intVal": 42, # The int value. 19502 "strVal": "A String", # The string value. 19503 "type": 42, # The type of the value. 19504 }, 19505 }, 19506 }, 19507 }, 19508 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19509 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19510 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19511 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19512 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19513 "A String", 19514 ], 19515 }, 19516 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19517 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19518 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19519 { # HTTPHeader describes a custom header to be used in HTTP probes 19520 "name": "A String", # The header field name 19521 "value": "A String", # The header field value 19522 }, 19523 ], 19524 "path": "A String", # Path to access on the HTTP server. +optional 19525 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19526 "intVal": 42, # The int value. 19527 "strVal": "A String", # The string value. 19528 "type": 42, # The type of the value. 19529 }, 19530 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19531 }, 19532 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19533 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19534 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19535 "intVal": 42, # The int value. 19536 "strVal": "A String", # The string value. 19537 "type": 42, # The type of the value. 19538 }, 19539 }, 19540 }, 19541 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19542 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19543 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19544 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19545 }, 19546 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 19547 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 19548 { # ContainerPort represents a network port in a single container. 19549 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 19550 "hostIP": "A String", # What host IP to bind the external port to. +optional 19551 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 19552 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 19553 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 19554 }, 19555 ], 19556 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19557 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19558 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19559 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19560 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19561 "A String", 19562 ], 19563 }, 19564 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19565 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19566 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19567 { # HTTPHeader describes a custom header to be used in HTTP probes 19568 "name": "A String", # The header field name 19569 "value": "A String", # The header field value 19570 }, 19571 ], 19572 "path": "A String", # Path to access on the HTTP server. +optional 19573 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19574 "intVal": 42, # The int value. 19575 "strVal": "A String", # The string value. 19576 "type": 42, # The type of the value. 19577 }, 19578 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19579 }, 19580 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19581 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19582 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19583 "intVal": 42, # The int value. 19584 "strVal": "A String", # The string value. 19585 "type": 42, # The type of the value. 19586 }, 19587 }, 19588 }, 19589 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19590 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19591 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19592 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19593 }, 19594 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 19595 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19596 "a_key": "A String", 19597 }, 19598 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 19599 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19600 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19601 }, 19602 }, 19603 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19604 "a_key": "A String", 19605 }, 19606 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19607 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19608 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19609 }, 19610 }, 19611 }, 19612 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19613 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19614 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19615 "add": [ # Added capabilities +optional 19616 "A String", 19617 ], 19618 "drop": [ # Removed capabilities +optional 19619 "A String", 19620 ], 19621 }, 19622 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19623 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19624 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19625 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19626 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19627 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19628 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19629 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19630 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19631 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19632 }, 19633 }, 19634 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19635 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19636 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19637 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19638 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19639 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19640 { # volumeDevice describes a mapping of a raw block device within a container. 19641 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19642 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19643 }, 19644 ], 19645 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19646 { # VolumeMount describes a mounting of a Volume within a container. 19647 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19648 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19649 "name": "A String", # This must match the Name of a Volume. 19650 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19651 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19652 }, 19653 ], 19654 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19655 }, 19656 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 19657 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 19658 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 19659 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19660 "A String", 19661 ], 19662 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 19663 "A String", 19664 ], 19665 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 19666 { # EnvVar represents an environment variable present in a Container. 19667 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 19668 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 19669 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 19670 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 19671 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 19672 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19673 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19674 }, 19675 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 19676 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 19677 }, 19678 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 19679 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 19680 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19681 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19682 }, 19683 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 19684 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 19685 }, 19686 }, 19687 }, 19688 ], 19689 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 19690 { # EnvFromSource represents the source of a set of ConfigMaps 19691 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 19692 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19693 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19694 }, 19695 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 19696 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 19697 }, 19698 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 19699 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 19700 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 19701 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 19702 }, 19703 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 19704 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 19705 }, 19706 }, 19707 ], 19708 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 19709 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 19710 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 19711 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19712 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19713 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19714 "A String", 19715 ], 19716 }, 19717 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19718 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19719 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19720 { # HTTPHeader describes a custom header to be used in HTTP probes 19721 "name": "A String", # The header field name 19722 "value": "A String", # The header field value 19723 }, 19724 ], 19725 "path": "A String", # Path to access on the HTTP server. +optional 19726 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19727 "intVal": 42, # The int value. 19728 "strVal": "A String", # The string value. 19729 "type": 42, # The type of the value. 19730 }, 19731 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19732 }, 19733 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19734 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19735 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19736 "intVal": 42, # The int value. 19737 "strVal": "A String", # The string value. 19738 "type": 42, # The type of the value. 19739 }, 19740 }, 19741 }, 19742 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 19743 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19744 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19745 "A String", 19746 ], 19747 }, 19748 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19749 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19750 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19751 { # HTTPHeader describes a custom header to be used in HTTP probes 19752 "name": "A String", # The header field name 19753 "value": "A String", # The header field value 19754 }, 19755 ], 19756 "path": "A String", # Path to access on the HTTP server. +optional 19757 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19758 "intVal": 42, # The int value. 19759 "strVal": "A String", # The string value. 19760 "type": 42, # The type of the value. 19761 }, 19762 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19763 }, 19764 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19765 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19766 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19767 "intVal": 42, # The int value. 19768 "strVal": "A String", # The string value. 19769 "type": 42, # The type of the value. 19770 }, 19771 }, 19772 }, 19773 }, 19774 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19775 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19776 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19777 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19778 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19779 "A String", 19780 ], 19781 }, 19782 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19783 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19784 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19785 { # HTTPHeader describes a custom header to be used in HTTP probes 19786 "name": "A String", # The header field name 19787 "value": "A String", # The header field value 19788 }, 19789 ], 19790 "path": "A String", # Path to access on the HTTP server. +optional 19791 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19792 "intVal": 42, # The int value. 19793 "strVal": "A String", # The string value. 19794 "type": 42, # The type of the value. 19795 }, 19796 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19797 }, 19798 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19799 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19800 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19801 "intVal": 42, # The int value. 19802 "strVal": "A String", # The string value. 19803 "type": 42, # The type of the value. 19804 }, 19805 }, 19806 }, 19807 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19808 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19809 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19810 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19811 }, 19812 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 19813 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 19814 { # ContainerPort represents a network port in a single container. 19815 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 19816 "hostIP": "A String", # What host IP to bind the external port to. +optional 19817 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 19818 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 19819 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 19820 }, 19821 ], 19822 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19823 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 19824 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 19825 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 19826 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 19827 "A String", 19828 ], 19829 }, 19830 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 19831 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 19832 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 19833 { # HTTPHeader describes a custom header to be used in HTTP probes 19834 "name": "A String", # The header field name 19835 "value": "A String", # The header field value 19836 }, 19837 ], 19838 "path": "A String", # Path to access on the HTTP server. +optional 19839 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19840 "intVal": 42, # The int value. 19841 "strVal": "A String", # The string value. 19842 "type": 42, # The type of the value. 19843 }, 19844 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 19845 }, 19846 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 19847 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 19848 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 19849 "intVal": 42, # The int value. 19850 "strVal": "A String", # The string value. 19851 "type": 42, # The type of the value. 19852 }, 19853 }, 19854 }, 19855 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19856 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 19857 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 19858 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 19859 }, 19860 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 19861 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19862 "a_key": "A String", 19863 }, 19864 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 19865 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19866 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19867 }, 19868 }, 19869 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 19870 "a_key": "A String", 19871 }, 19872 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 19873 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 19874 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 19875 }, 19876 }, 19877 }, 19878 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 19879 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 19880 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 19881 "add": [ # Added capabilities +optional 19882 "A String", 19883 ], 19884 "drop": [ # Removed capabilities +optional 19885 "A String", 19886 ], 19887 }, 19888 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 19889 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 19890 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19891 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19892 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19893 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 19894 "level": "A String", # Level is SELinux level label that applies to the container. +optional 19895 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 19896 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 19897 "user": "A String", # User is a SELinux user label that applies to the container. +optional 19898 }, 19899 }, 19900 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 19901 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 19902 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 19903 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 19904 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 19905 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 19906 { # volumeDevice describes a mapping of a raw block device within a container. 19907 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 19908 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 19909 }, 19910 ], 19911 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 19912 { # VolumeMount describes a mounting of a Volume within a container. 19913 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 19914 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 19915 "name": "A String", # This must match the Name of a Volume. 19916 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 19917 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 19918 }, 19919 ], 19920 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 19921 }, 19922 ], 19923 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 19924 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 19925 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 19926 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 19927 "volumes": [ 19928 { # Volume represents a named volume in a container. 19929 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 19930 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19931 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19932 { # Maps a string key to a path within a volume. 19933 "key": "A String", # The key to project. 19934 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19935 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19936 }, 19937 ], 19938 "name": "A String", # Name of the config. 19939 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19940 }, 19941 "name": "A String", # Volume's name. 19942 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 19943 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 19944 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 19945 { # Maps a string key to a path within a volume. 19946 "key": "A String", # The key to project. 19947 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 19948 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 19949 }, 19950 ], 19951 "optional": True or False, # Specify whether the Secret or its keys must be defined. 19952 "secretName": "A String", # Name of the secret in the container's namespace to use. 19953 }, 19954 }, 19955 ], 19956 }, 19957 }, 19958 }, 19959 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 19960 "A String", 19961 ], 19962 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 19963 }, 19964 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 19965 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 19966 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 19967 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 19968 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 19969 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 19970 "a_key": "A String", 19971 }, 19972 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 19973 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19974 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 19975 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 19976 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 19977 "A String", 19978 ], 19979 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 19980 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 19981 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 19982 "a_key": "A String", 19983 }, 19984 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 19985 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 19986 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 19987 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 19988 "apiVersion": "A String", # API version of the referent. 19989 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 19990 "controller": True or False, # If true, this reference points to the managing controller. +optional 19991 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 19992 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 19993 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 19994 }, 19995 ], 19996 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 19997 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 19998 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 19999 }, 20000 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 20001 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 20002 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 20003 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20004 "A String", 20005 ], 20006 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20007 "A String", 20008 ], 20009 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20010 { # EnvVar represents an environment variable present in a Container. 20011 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20012 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20013 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20014 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20015 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20016 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20017 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20018 }, 20019 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20020 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20021 }, 20022 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20023 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20024 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20025 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20026 }, 20027 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20028 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20029 }, 20030 }, 20031 }, 20032 ], 20033 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20034 { # EnvFromSource represents the source of a set of ConfigMaps 20035 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20036 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20037 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20038 }, 20039 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20040 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20041 }, 20042 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20043 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20044 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20045 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20046 }, 20047 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20048 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20049 }, 20050 }, 20051 ], 20052 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20053 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20054 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20055 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20056 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20057 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20058 "A String", 20059 ], 20060 }, 20061 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20062 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20063 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20064 { # HTTPHeader describes a custom header to be used in HTTP probes 20065 "name": "A String", # The header field name 20066 "value": "A String", # The header field value 20067 }, 20068 ], 20069 "path": "A String", # Path to access on the HTTP server. +optional 20070 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20071 "intVal": 42, # The int value. 20072 "strVal": "A String", # The string value. 20073 "type": 42, # The type of the value. 20074 }, 20075 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20076 }, 20077 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20078 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20079 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20080 "intVal": 42, # The int value. 20081 "strVal": "A String", # The string value. 20082 "type": 42, # The type of the value. 20083 }, 20084 }, 20085 }, 20086 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20087 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20088 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20089 "A String", 20090 ], 20091 }, 20092 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20093 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20094 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20095 { # HTTPHeader describes a custom header to be used in HTTP probes 20096 "name": "A String", # The header field name 20097 "value": "A String", # The header field value 20098 }, 20099 ], 20100 "path": "A String", # Path to access on the HTTP server. +optional 20101 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20102 "intVal": 42, # The int value. 20103 "strVal": "A String", # The string value. 20104 "type": 42, # The type of the value. 20105 }, 20106 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20107 }, 20108 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20109 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20110 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20111 "intVal": 42, # The int value. 20112 "strVal": "A String", # The string value. 20113 "type": 42, # The type of the value. 20114 }, 20115 }, 20116 }, 20117 }, 20118 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20119 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20120 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20121 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20122 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20123 "A String", 20124 ], 20125 }, 20126 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20127 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20128 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20129 { # HTTPHeader describes a custom header to be used in HTTP probes 20130 "name": "A String", # The header field name 20131 "value": "A String", # The header field value 20132 }, 20133 ], 20134 "path": "A String", # Path to access on the HTTP server. +optional 20135 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20136 "intVal": 42, # The int value. 20137 "strVal": "A String", # The string value. 20138 "type": 42, # The type of the value. 20139 }, 20140 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20141 }, 20142 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20143 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20144 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20145 "intVal": 42, # The int value. 20146 "strVal": "A String", # The string value. 20147 "type": 42, # The type of the value. 20148 }, 20149 }, 20150 }, 20151 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20152 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20153 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20154 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20155 }, 20156 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20157 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20158 { # ContainerPort represents a network port in a single container. 20159 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20160 "hostIP": "A String", # What host IP to bind the external port to. +optional 20161 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20162 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20163 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20164 }, 20165 ], 20166 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20167 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20168 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20169 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20170 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20171 "A String", 20172 ], 20173 }, 20174 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20175 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20176 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20177 { # HTTPHeader describes a custom header to be used in HTTP probes 20178 "name": "A String", # The header field name 20179 "value": "A String", # The header field value 20180 }, 20181 ], 20182 "path": "A String", # Path to access on the HTTP server. +optional 20183 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20184 "intVal": 42, # The int value. 20185 "strVal": "A String", # The string value. 20186 "type": 42, # The type of the value. 20187 }, 20188 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20189 }, 20190 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20191 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20192 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20193 "intVal": 42, # The int value. 20194 "strVal": "A String", # The string value. 20195 "type": 42, # The type of the value. 20196 }, 20197 }, 20198 }, 20199 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20200 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20201 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20202 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20203 }, 20204 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 20205 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20206 "a_key": "A String", 20207 }, 20208 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 20209 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20210 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20211 }, 20212 }, 20213 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20214 "a_key": "A String", 20215 }, 20216 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 20217 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20218 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20219 }, 20220 }, 20221 }, 20222 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 20223 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 20224 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 20225 "add": [ # Added capabilities +optional 20226 "A String", 20227 ], 20228 "drop": [ # Removed capabilities +optional 20229 "A String", 20230 ], 20231 }, 20232 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 20233 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 20234 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20235 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20236 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20237 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20238 "level": "A String", # Level is SELinux level label that applies to the container. +optional 20239 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 20240 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 20241 "user": "A String", # User is a SELinux user label that applies to the container. +optional 20242 }, 20243 }, 20244 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 20245 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 20246 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 20247 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 20248 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 20249 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 20250 { # volumeDevice describes a mapping of a raw block device within a container. 20251 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 20252 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 20253 }, 20254 ], 20255 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 20256 { # VolumeMount describes a mounting of a Volume within a container. 20257 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 20258 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 20259 "name": "A String", # This must match the Name of a Volume. 20260 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 20261 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 20262 }, 20263 ], 20264 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 20265 }, 20266 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 20267 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 20268 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 20269 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20270 "A String", 20271 ], 20272 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20273 "A String", 20274 ], 20275 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20276 { # EnvVar represents an environment variable present in a Container. 20277 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20278 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20279 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20280 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20281 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20282 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20283 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20284 }, 20285 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20286 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20287 }, 20288 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20289 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20290 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20291 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20292 }, 20293 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20294 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20295 }, 20296 }, 20297 }, 20298 ], 20299 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20300 { # EnvFromSource represents the source of a set of ConfigMaps 20301 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20302 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20303 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20304 }, 20305 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20306 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20307 }, 20308 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20309 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20310 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20311 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20312 }, 20313 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20314 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20315 }, 20316 }, 20317 ], 20318 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20319 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20320 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20321 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20322 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20323 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20324 "A String", 20325 ], 20326 }, 20327 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20328 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20329 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20330 { # HTTPHeader describes a custom header to be used in HTTP probes 20331 "name": "A String", # The header field name 20332 "value": "A String", # The header field value 20333 }, 20334 ], 20335 "path": "A String", # Path to access on the HTTP server. +optional 20336 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20337 "intVal": 42, # The int value. 20338 "strVal": "A String", # The string value. 20339 "type": 42, # The type of the value. 20340 }, 20341 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20342 }, 20343 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20344 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20345 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20346 "intVal": 42, # The int value. 20347 "strVal": "A String", # The string value. 20348 "type": 42, # The type of the value. 20349 }, 20350 }, 20351 }, 20352 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20353 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20354 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20355 "A String", 20356 ], 20357 }, 20358 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20359 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20360 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20361 { # HTTPHeader describes a custom header to be used in HTTP probes 20362 "name": "A String", # The header field name 20363 "value": "A String", # The header field value 20364 }, 20365 ], 20366 "path": "A String", # Path to access on the HTTP server. +optional 20367 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20368 "intVal": 42, # The int value. 20369 "strVal": "A String", # The string value. 20370 "type": 42, # The type of the value. 20371 }, 20372 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20373 }, 20374 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20375 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20376 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20377 "intVal": 42, # The int value. 20378 "strVal": "A String", # The string value. 20379 "type": 42, # The type of the value. 20380 }, 20381 }, 20382 }, 20383 }, 20384 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20385 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20386 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20387 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20388 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20389 "A String", 20390 ], 20391 }, 20392 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20393 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20394 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20395 { # HTTPHeader describes a custom header to be used in HTTP probes 20396 "name": "A String", # The header field name 20397 "value": "A String", # The header field value 20398 }, 20399 ], 20400 "path": "A String", # Path to access on the HTTP server. +optional 20401 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20402 "intVal": 42, # The int value. 20403 "strVal": "A String", # The string value. 20404 "type": 42, # The type of the value. 20405 }, 20406 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20407 }, 20408 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20409 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20410 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20411 "intVal": 42, # The int value. 20412 "strVal": "A String", # The string value. 20413 "type": 42, # The type of the value. 20414 }, 20415 }, 20416 }, 20417 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20418 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20419 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20420 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20421 }, 20422 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20423 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20424 { # ContainerPort represents a network port in a single container. 20425 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20426 "hostIP": "A String", # What host IP to bind the external port to. +optional 20427 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20428 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20429 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20430 }, 20431 ], 20432 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20433 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20434 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20435 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20436 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20437 "A String", 20438 ], 20439 }, 20440 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20441 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20442 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20443 { # HTTPHeader describes a custom header to be used in HTTP probes 20444 "name": "A String", # The header field name 20445 "value": "A String", # The header field value 20446 }, 20447 ], 20448 "path": "A String", # Path to access on the HTTP server. +optional 20449 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20450 "intVal": 42, # The int value. 20451 "strVal": "A String", # The string value. 20452 "type": 42, # The type of the value. 20453 }, 20454 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20455 }, 20456 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20457 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20458 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20459 "intVal": 42, # The int value. 20460 "strVal": "A String", # The string value. 20461 "type": 42, # The type of the value. 20462 }, 20463 }, 20464 }, 20465 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20466 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20467 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20468 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20469 }, 20470 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 20471 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20472 "a_key": "A String", 20473 }, 20474 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 20475 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20476 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20477 }, 20478 }, 20479 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20480 "a_key": "A String", 20481 }, 20482 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 20483 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20484 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20485 }, 20486 }, 20487 }, 20488 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 20489 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 20490 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 20491 "add": [ # Added capabilities +optional 20492 "A String", 20493 ], 20494 "drop": [ # Removed capabilities +optional 20495 "A String", 20496 ], 20497 }, 20498 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 20499 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 20500 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20501 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20502 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20503 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20504 "level": "A String", # Level is SELinux level label that applies to the container. +optional 20505 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 20506 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 20507 "user": "A String", # User is a SELinux user label that applies to the container. +optional 20508 }, 20509 }, 20510 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 20511 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 20512 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 20513 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 20514 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 20515 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 20516 { # volumeDevice describes a mapping of a raw block device within a container. 20517 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 20518 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 20519 }, 20520 ], 20521 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 20522 { # VolumeMount describes a mounting of a Volume within a container. 20523 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 20524 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 20525 "name": "A String", # This must match the Name of a Volume. 20526 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 20527 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 20528 }, 20529 ], 20530 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 20531 }, 20532 ], 20533 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 20534 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 20535 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 20536 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 20537 "volumes": [ 20538 { # Volume represents a named volume in a container. 20539 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 20540 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 20541 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 20542 { # Maps a string key to a path within a volume. 20543 "key": "A String", # The key to project. 20544 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 20545 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 20546 }, 20547 ], 20548 "name": "A String", # Name of the config. 20549 "optional": True or False, # Specify whether the Secret or its keys must be defined. 20550 }, 20551 "name": "A String", # Volume's name. 20552 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 20553 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 20554 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 20555 { # Maps a string key to a path within a volume. 20556 "key": "A String", # The key to project. 20557 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 20558 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 20559 }, 20560 ], 20561 "optional": True or False, # Specify whether the Secret or its keys must be defined. 20562 "secretName": "A String", # Name of the secret in the container's namespace to use. 20563 }, 20564 }, 20565 ], 20566 }, 20567 }, 20568 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 20569 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 20570 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 20571 "a_key": "A String", 20572 }, 20573 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 20574 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 20575 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 20576 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 20577 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 20578 "A String", 20579 ], 20580 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 20581 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 20582 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 20583 "a_key": "A String", 20584 }, 20585 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 20586 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 20587 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 20588 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 20589 "apiVersion": "A String", # API version of the referent. 20590 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 20591 "controller": True or False, # If true, this reference points to the managing controller. +optional 20592 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 20593 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 20594 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 20595 }, 20596 ], 20597 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 20598 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 20599 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 20600 }, 20601 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 20602 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 20603 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 20604 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20605 "A String", 20606 ], 20607 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20608 "A String", 20609 ], 20610 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20611 { # EnvVar represents an environment variable present in a Container. 20612 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20613 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20614 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20615 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20616 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20617 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20618 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20619 }, 20620 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20621 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20622 }, 20623 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20624 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20625 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20626 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20627 }, 20628 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20629 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20630 }, 20631 }, 20632 }, 20633 ], 20634 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20635 { # EnvFromSource represents the source of a set of ConfigMaps 20636 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20637 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20638 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20639 }, 20640 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20641 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20642 }, 20643 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20644 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20645 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20646 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20647 }, 20648 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20649 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20650 }, 20651 }, 20652 ], 20653 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20654 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20655 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20656 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20657 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20658 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20659 "A String", 20660 ], 20661 }, 20662 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20663 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20664 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20665 { # HTTPHeader describes a custom header to be used in HTTP probes 20666 "name": "A String", # The header field name 20667 "value": "A String", # The header field value 20668 }, 20669 ], 20670 "path": "A String", # Path to access on the HTTP server. +optional 20671 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20672 "intVal": 42, # The int value. 20673 "strVal": "A String", # The string value. 20674 "type": 42, # The type of the value. 20675 }, 20676 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20677 }, 20678 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20679 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20680 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20681 "intVal": 42, # The int value. 20682 "strVal": "A String", # The string value. 20683 "type": 42, # The type of the value. 20684 }, 20685 }, 20686 }, 20687 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20688 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20689 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20690 "A String", 20691 ], 20692 }, 20693 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20694 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20695 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20696 { # HTTPHeader describes a custom header to be used in HTTP probes 20697 "name": "A String", # The header field name 20698 "value": "A String", # The header field value 20699 }, 20700 ], 20701 "path": "A String", # Path to access on the HTTP server. +optional 20702 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20703 "intVal": 42, # The int value. 20704 "strVal": "A String", # The string value. 20705 "type": 42, # The type of the value. 20706 }, 20707 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20708 }, 20709 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20710 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20711 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20712 "intVal": 42, # The int value. 20713 "strVal": "A String", # The string value. 20714 "type": 42, # The type of the value. 20715 }, 20716 }, 20717 }, 20718 }, 20719 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20720 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20721 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20722 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20723 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20724 "A String", 20725 ], 20726 }, 20727 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20728 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20729 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20730 { # HTTPHeader describes a custom header to be used in HTTP probes 20731 "name": "A String", # The header field name 20732 "value": "A String", # The header field value 20733 }, 20734 ], 20735 "path": "A String", # Path to access on the HTTP server. +optional 20736 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20737 "intVal": 42, # The int value. 20738 "strVal": "A String", # The string value. 20739 "type": 42, # The type of the value. 20740 }, 20741 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20742 }, 20743 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20744 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20745 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20746 "intVal": 42, # The int value. 20747 "strVal": "A String", # The string value. 20748 "type": 42, # The type of the value. 20749 }, 20750 }, 20751 }, 20752 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20753 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20754 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20755 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20756 }, 20757 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 20758 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 20759 { # ContainerPort represents a network port in a single container. 20760 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 20761 "hostIP": "A String", # What host IP to bind the external port to. +optional 20762 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 20763 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 20764 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 20765 }, 20766 ], 20767 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20768 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20769 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20770 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20771 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20772 "A String", 20773 ], 20774 }, 20775 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20776 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20777 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20778 { # HTTPHeader describes a custom header to be used in HTTP probes 20779 "name": "A String", # The header field name 20780 "value": "A String", # The header field value 20781 }, 20782 ], 20783 "path": "A String", # Path to access on the HTTP server. +optional 20784 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20785 "intVal": 42, # The int value. 20786 "strVal": "A String", # The string value. 20787 "type": 42, # The type of the value. 20788 }, 20789 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20790 }, 20791 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20792 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20793 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20794 "intVal": 42, # The int value. 20795 "strVal": "A String", # The string value. 20796 "type": 42, # The type of the value. 20797 }, 20798 }, 20799 }, 20800 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20801 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 20802 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 20803 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20804 }, 20805 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 20806 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20807 "a_key": "A String", 20808 }, 20809 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 20810 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20811 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20812 }, 20813 }, 20814 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 20815 "a_key": "A String", 20816 }, 20817 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 20818 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 20819 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 20820 }, 20821 }, 20822 }, 20823 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 20824 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 20825 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 20826 "add": [ # Added capabilities +optional 20827 "A String", 20828 ], 20829 "drop": [ # Removed capabilities +optional 20830 "A String", 20831 ], 20832 }, 20833 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 20834 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 20835 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20836 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20837 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20838 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 20839 "level": "A String", # Level is SELinux level label that applies to the container. +optional 20840 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 20841 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 20842 "user": "A String", # User is a SELinux user label that applies to the container. +optional 20843 }, 20844 }, 20845 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 20846 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 20847 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 20848 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 20849 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 20850 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 20851 { # volumeDevice describes a mapping of a raw block device within a container. 20852 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 20853 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 20854 }, 20855 ], 20856 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 20857 { # VolumeMount describes a mounting of a Volume within a container. 20858 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 20859 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 20860 "name": "A String", # This must match the Name of a Volume. 20861 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 20862 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 20863 }, 20864 ], 20865 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 20866 }, 20867 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 20868 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 20869 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 20870 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20871 "A String", 20872 ], 20873 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 20874 "A String", 20875 ], 20876 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 20877 { # EnvVar represents an environment variable present in a Container. 20878 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 20879 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 20880 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 20881 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 20882 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 20883 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20884 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20885 }, 20886 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 20887 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 20888 }, 20889 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 20890 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 20891 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20892 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20893 }, 20894 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 20895 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 20896 }, 20897 }, 20898 }, 20899 ], 20900 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 20901 { # EnvFromSource represents the source of a set of ConfigMaps 20902 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 20903 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20904 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20905 }, 20906 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 20907 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 20908 }, 20909 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 20910 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 20911 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 20912 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 20913 }, 20914 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 20915 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 20916 }, 20917 }, 20918 ], 20919 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 20920 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 20921 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 20922 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20923 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20924 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20925 "A String", 20926 ], 20927 }, 20928 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20929 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20930 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20931 { # HTTPHeader describes a custom header to be used in HTTP probes 20932 "name": "A String", # The header field name 20933 "value": "A String", # The header field value 20934 }, 20935 ], 20936 "path": "A String", # Path to access on the HTTP server. +optional 20937 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20938 "intVal": 42, # The int value. 20939 "strVal": "A String", # The string value. 20940 "type": 42, # The type of the value. 20941 }, 20942 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20943 }, 20944 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20945 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20946 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20947 "intVal": 42, # The int value. 20948 "strVal": "A String", # The string value. 20949 "type": 42, # The type of the value. 20950 }, 20951 }, 20952 }, 20953 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 20954 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20955 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20956 "A String", 20957 ], 20958 }, 20959 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20960 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20961 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20962 { # HTTPHeader describes a custom header to be used in HTTP probes 20963 "name": "A String", # The header field name 20964 "value": "A String", # The header field value 20965 }, 20966 ], 20967 "path": "A String", # Path to access on the HTTP server. +optional 20968 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20969 "intVal": 42, # The int value. 20970 "strVal": "A String", # The string value. 20971 "type": 42, # The type of the value. 20972 }, 20973 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 20974 }, 20975 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 20976 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 20977 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 20978 "intVal": 42, # The int value. 20979 "strVal": "A String", # The string value. 20980 "type": 42, # The type of the value. 20981 }, 20982 }, 20983 }, 20984 }, 20985 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 20986 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 20987 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 20988 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 20989 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 20990 "A String", 20991 ], 20992 }, 20993 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 20994 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 20995 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 20996 { # HTTPHeader describes a custom header to be used in HTTP probes 20997 "name": "A String", # The header field name 20998 "value": "A String", # The header field value 20999 }, 21000 ], 21001 "path": "A String", # Path to access on the HTTP server. +optional 21002 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21003 "intVal": 42, # The int value. 21004 "strVal": "A String", # The string value. 21005 "type": 42, # The type of the value. 21006 }, 21007 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21008 }, 21009 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21010 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21011 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21012 "intVal": 42, # The int value. 21013 "strVal": "A String", # The string value. 21014 "type": 42, # The type of the value. 21015 }, 21016 }, 21017 }, 21018 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21019 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21020 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21021 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21022 }, 21023 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 21024 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 21025 { # ContainerPort represents a network port in a single container. 21026 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 21027 "hostIP": "A String", # What host IP to bind the external port to. +optional 21028 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 21029 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 21030 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 21031 }, 21032 ], 21033 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21034 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21035 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21036 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21037 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21038 "A String", 21039 ], 21040 }, 21041 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21042 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21043 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21044 { # HTTPHeader describes a custom header to be used in HTTP probes 21045 "name": "A String", # The header field name 21046 "value": "A String", # The header field value 21047 }, 21048 ], 21049 "path": "A String", # Path to access on the HTTP server. +optional 21050 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21051 "intVal": 42, # The int value. 21052 "strVal": "A String", # The string value. 21053 "type": 42, # The type of the value. 21054 }, 21055 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21056 }, 21057 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21058 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21059 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21060 "intVal": 42, # The int value. 21061 "strVal": "A String", # The string value. 21062 "type": 42, # The type of the value. 21063 }, 21064 }, 21065 }, 21066 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21067 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21068 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21069 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21070 }, 21071 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 21072 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21073 "a_key": "A String", 21074 }, 21075 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 21076 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21077 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21078 }, 21079 }, 21080 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21081 "a_key": "A String", 21082 }, 21083 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 21084 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21085 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21086 }, 21087 }, 21088 }, 21089 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 21090 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 21091 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 21092 "add": [ # Added capabilities +optional 21093 "A String", 21094 ], 21095 "drop": [ # Removed capabilities +optional 21096 "A String", 21097 ], 21098 }, 21099 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 21100 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 21101 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21102 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21103 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21104 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21105 "level": "A String", # Level is SELinux level label that applies to the container. +optional 21106 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 21107 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 21108 "user": "A String", # User is a SELinux user label that applies to the container. +optional 21109 }, 21110 }, 21111 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 21112 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 21113 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 21114 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 21115 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 21116 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 21117 { # volumeDevice describes a mapping of a raw block device within a container. 21118 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 21119 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 21120 }, 21121 ], 21122 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 21123 { # VolumeMount describes a mounting of a Volume within a container. 21124 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 21125 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 21126 "name": "A String", # This must match the Name of a Volume. 21127 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 21128 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 21129 }, 21130 ], 21131 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 21132 }, 21133 ], 21134 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21135 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 21136 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 21137 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 21138 "volumes": [ 21139 { # Volume represents a named volume in a container. 21140 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 21141 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21142 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21143 { # Maps a string key to a path within a volume. 21144 "key": "A String", # The key to project. 21145 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21146 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21147 }, 21148 ], 21149 "name": "A String", # Name of the config. 21150 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21151 }, 21152 "name": "A String", # Volume's name. 21153 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 21154 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21155 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21156 { # Maps a string key to a path within a volume. 21157 "key": "A String", # The key to project. 21158 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21159 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21160 }, 21161 ], 21162 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21163 "secretName": "A String", # Name of the secret in the container's namespace to use. 21164 }, 21165 }, 21166 ], 21167 }, 21168 }, 21169 }, 21170 }, 21171 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 21172 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 21173 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 21174 "a_key": "A String", 21175 }, 21176 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 21177 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21178 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 21179 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21180 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 21181 "A String", 21182 ], 21183 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 21184 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 21185 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 21186 "a_key": "A String", 21187 }, 21188 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 21189 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 21190 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 21191 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 21192 "apiVersion": "A String", # API version of the referent. 21193 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 21194 "controller": True or False, # If true, this reference points to the managing controller. +optional 21195 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 21196 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 21197 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 21198 }, 21199 ], 21200 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 21201 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 21202 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 21203 }, 21204 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 21205 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 21206 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 21207 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21208 "A String", 21209 ], 21210 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21211 "A String", 21212 ], 21213 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 21214 { # EnvVar represents an environment variable present in a Container. 21215 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 21216 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 21217 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 21218 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 21219 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 21220 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21221 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21222 }, 21223 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 21224 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 21225 }, 21226 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 21227 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 21228 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21229 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21230 }, 21231 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 21232 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 21233 }, 21234 }, 21235 }, 21236 ], 21237 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 21238 { # EnvFromSource represents the source of a set of ConfigMaps 21239 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 21240 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21241 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21242 }, 21243 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 21244 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 21245 }, 21246 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 21247 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 21248 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21249 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21250 }, 21251 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 21252 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 21253 }, 21254 }, 21255 ], 21256 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21257 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 21258 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 21259 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21260 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21261 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21262 "A String", 21263 ], 21264 }, 21265 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21266 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21267 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21268 { # HTTPHeader describes a custom header to be used in HTTP probes 21269 "name": "A String", # The header field name 21270 "value": "A String", # The header field value 21271 }, 21272 ], 21273 "path": "A String", # Path to access on the HTTP server. +optional 21274 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21275 "intVal": 42, # The int value. 21276 "strVal": "A String", # The string value. 21277 "type": 42, # The type of the value. 21278 }, 21279 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21280 }, 21281 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21282 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21283 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21284 "intVal": 42, # The int value. 21285 "strVal": "A String", # The string value. 21286 "type": 42, # The type of the value. 21287 }, 21288 }, 21289 }, 21290 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21291 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21292 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21293 "A String", 21294 ], 21295 }, 21296 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21297 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21298 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21299 { # HTTPHeader describes a custom header to be used in HTTP probes 21300 "name": "A String", # The header field name 21301 "value": "A String", # The header field value 21302 }, 21303 ], 21304 "path": "A String", # Path to access on the HTTP server. +optional 21305 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21306 "intVal": 42, # The int value. 21307 "strVal": "A String", # The string value. 21308 "type": 42, # The type of the value. 21309 }, 21310 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21311 }, 21312 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21313 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21314 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21315 "intVal": 42, # The int value. 21316 "strVal": "A String", # The string value. 21317 "type": 42, # The type of the value. 21318 }, 21319 }, 21320 }, 21321 }, 21322 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21323 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21324 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21325 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21326 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21327 "A String", 21328 ], 21329 }, 21330 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21331 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21332 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21333 { # HTTPHeader describes a custom header to be used in HTTP probes 21334 "name": "A String", # The header field name 21335 "value": "A String", # The header field value 21336 }, 21337 ], 21338 "path": "A String", # Path to access on the HTTP server. +optional 21339 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21340 "intVal": 42, # The int value. 21341 "strVal": "A String", # The string value. 21342 "type": 42, # The type of the value. 21343 }, 21344 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21345 }, 21346 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21347 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21348 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21349 "intVal": 42, # The int value. 21350 "strVal": "A String", # The string value. 21351 "type": 42, # The type of the value. 21352 }, 21353 }, 21354 }, 21355 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21356 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21357 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21358 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21359 }, 21360 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 21361 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 21362 { # ContainerPort represents a network port in a single container. 21363 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 21364 "hostIP": "A String", # What host IP to bind the external port to. +optional 21365 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 21366 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 21367 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 21368 }, 21369 ], 21370 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21371 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21372 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21373 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21374 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21375 "A String", 21376 ], 21377 }, 21378 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21379 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21380 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21381 { # HTTPHeader describes a custom header to be used in HTTP probes 21382 "name": "A String", # The header field name 21383 "value": "A String", # The header field value 21384 }, 21385 ], 21386 "path": "A String", # Path to access on the HTTP server. +optional 21387 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21388 "intVal": 42, # The int value. 21389 "strVal": "A String", # The string value. 21390 "type": 42, # The type of the value. 21391 }, 21392 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21393 }, 21394 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21395 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21396 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21397 "intVal": 42, # The int value. 21398 "strVal": "A String", # The string value. 21399 "type": 42, # The type of the value. 21400 }, 21401 }, 21402 }, 21403 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21404 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21405 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21406 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21407 }, 21408 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 21409 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21410 "a_key": "A String", 21411 }, 21412 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 21413 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21414 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21415 }, 21416 }, 21417 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21418 "a_key": "A String", 21419 }, 21420 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 21421 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21422 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21423 }, 21424 }, 21425 }, 21426 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 21427 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 21428 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 21429 "add": [ # Added capabilities +optional 21430 "A String", 21431 ], 21432 "drop": [ # Removed capabilities +optional 21433 "A String", 21434 ], 21435 }, 21436 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 21437 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 21438 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21439 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21440 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21441 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21442 "level": "A String", # Level is SELinux level label that applies to the container. +optional 21443 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 21444 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 21445 "user": "A String", # User is a SELinux user label that applies to the container. +optional 21446 }, 21447 }, 21448 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 21449 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 21450 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 21451 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 21452 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 21453 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 21454 { # volumeDevice describes a mapping of a raw block device within a container. 21455 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 21456 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 21457 }, 21458 ], 21459 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 21460 { # VolumeMount describes a mounting of a Volume within a container. 21461 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 21462 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 21463 "name": "A String", # This must match the Name of a Volume. 21464 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 21465 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 21466 }, 21467 ], 21468 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 21469 }, 21470 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 21471 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 21472 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 21473 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21474 "A String", 21475 ], 21476 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21477 "A String", 21478 ], 21479 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 21480 { # EnvVar represents an environment variable present in a Container. 21481 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 21482 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 21483 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 21484 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 21485 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 21486 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21487 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21488 }, 21489 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 21490 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 21491 }, 21492 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 21493 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 21494 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21495 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21496 }, 21497 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 21498 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 21499 }, 21500 }, 21501 }, 21502 ], 21503 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 21504 { # EnvFromSource represents the source of a set of ConfigMaps 21505 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 21506 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21507 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21508 }, 21509 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 21510 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 21511 }, 21512 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 21513 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 21514 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21515 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21516 }, 21517 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 21518 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 21519 }, 21520 }, 21521 ], 21522 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21523 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 21524 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 21525 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21526 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21527 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21528 "A String", 21529 ], 21530 }, 21531 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21532 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21533 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21534 { # HTTPHeader describes a custom header to be used in HTTP probes 21535 "name": "A String", # The header field name 21536 "value": "A String", # The header field value 21537 }, 21538 ], 21539 "path": "A String", # Path to access on the HTTP server. +optional 21540 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21541 "intVal": 42, # The int value. 21542 "strVal": "A String", # The string value. 21543 "type": 42, # The type of the value. 21544 }, 21545 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21546 }, 21547 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21548 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21549 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21550 "intVal": 42, # The int value. 21551 "strVal": "A String", # The string value. 21552 "type": 42, # The type of the value. 21553 }, 21554 }, 21555 }, 21556 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21557 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21558 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21559 "A String", 21560 ], 21561 }, 21562 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21563 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21564 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21565 { # HTTPHeader describes a custom header to be used in HTTP probes 21566 "name": "A String", # The header field name 21567 "value": "A String", # The header field value 21568 }, 21569 ], 21570 "path": "A String", # Path to access on the HTTP server. +optional 21571 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21572 "intVal": 42, # The int value. 21573 "strVal": "A String", # The string value. 21574 "type": 42, # The type of the value. 21575 }, 21576 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21577 }, 21578 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21579 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21580 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21581 "intVal": 42, # The int value. 21582 "strVal": "A String", # The string value. 21583 "type": 42, # The type of the value. 21584 }, 21585 }, 21586 }, 21587 }, 21588 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21589 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21590 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21591 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21592 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21593 "A String", 21594 ], 21595 }, 21596 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21597 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21598 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21599 { # HTTPHeader describes a custom header to be used in HTTP probes 21600 "name": "A String", # The header field name 21601 "value": "A String", # The header field value 21602 }, 21603 ], 21604 "path": "A String", # Path to access on the HTTP server. +optional 21605 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21606 "intVal": 42, # The int value. 21607 "strVal": "A String", # The string value. 21608 "type": 42, # The type of the value. 21609 }, 21610 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21611 }, 21612 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21613 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21614 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21615 "intVal": 42, # The int value. 21616 "strVal": "A String", # The string value. 21617 "type": 42, # The type of the value. 21618 }, 21619 }, 21620 }, 21621 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21622 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21623 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21624 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21625 }, 21626 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 21627 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 21628 { # ContainerPort represents a network port in a single container. 21629 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 21630 "hostIP": "A String", # What host IP to bind the external port to. +optional 21631 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 21632 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 21633 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 21634 }, 21635 ], 21636 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21637 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 21638 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 21639 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21640 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21641 "A String", 21642 ], 21643 }, 21644 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21645 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21646 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21647 { # HTTPHeader describes a custom header to be used in HTTP probes 21648 "name": "A String", # The header field name 21649 "value": "A String", # The header field value 21650 }, 21651 ], 21652 "path": "A String", # Path to access on the HTTP server. +optional 21653 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21654 "intVal": 42, # The int value. 21655 "strVal": "A String", # The string value. 21656 "type": 42, # The type of the value. 21657 }, 21658 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21659 }, 21660 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21661 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21662 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21663 "intVal": 42, # The int value. 21664 "strVal": "A String", # The string value. 21665 "type": 42, # The type of the value. 21666 }, 21667 }, 21668 }, 21669 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21670 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 21671 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 21672 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 21673 }, 21674 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 21675 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21676 "a_key": "A String", 21677 }, 21678 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 21679 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21680 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21681 }, 21682 }, 21683 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 21684 "a_key": "A String", 21685 }, 21686 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 21687 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 21688 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 21689 }, 21690 }, 21691 }, 21692 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 21693 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 21694 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 21695 "add": [ # Added capabilities +optional 21696 "A String", 21697 ], 21698 "drop": [ # Removed capabilities +optional 21699 "A String", 21700 ], 21701 }, 21702 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 21703 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 21704 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21705 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21706 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21707 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 21708 "level": "A String", # Level is SELinux level label that applies to the container. +optional 21709 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 21710 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 21711 "user": "A String", # User is a SELinux user label that applies to the container. +optional 21712 }, 21713 }, 21714 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 21715 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 21716 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 21717 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 21718 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 21719 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 21720 { # volumeDevice describes a mapping of a raw block device within a container. 21721 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 21722 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 21723 }, 21724 ], 21725 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 21726 { # VolumeMount describes a mounting of a Volume within a container. 21727 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 21728 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 21729 "name": "A String", # This must match the Name of a Volume. 21730 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 21731 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 21732 }, 21733 ], 21734 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 21735 }, 21736 ], 21737 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21738 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 21739 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 21740 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 21741 "volumes": [ 21742 { # Volume represents a named volume in a container. 21743 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 21744 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21745 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21746 { # Maps a string key to a path within a volume. 21747 "key": "A String", # The key to project. 21748 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21749 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21750 }, 21751 ], 21752 "name": "A String", # Name of the config. 21753 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21754 }, 21755 "name": "A String", # Volume's name. 21756 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 21757 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 21758 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 21759 { # Maps a string key to a path within a volume. 21760 "key": "A String", # The key to project. 21761 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 21762 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 21763 }, 21764 ], 21765 "optional": True or False, # Specify whether the Secret or its keys must be defined. 21766 "secretName": "A String", # Name of the secret in the container's namespace to use. 21767 }, 21768 }, 21769 ], 21770 }, 21771 }, 21772 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 21773 { # TrafficTarget holds a single entry of the routing table for a Route. 21774 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 21775 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 21776 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 21777 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 21778 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 21779 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 21780 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 21781 }, 21782 ], 21783 }, 21784 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 21785 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 21786 "hostname": "A String", # Deprecated - use url instead. 21787 "url": "A String", 21788 }, 21789 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 21790 { # ServiceCondition defines a readiness condition for a Service. 21791 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 21792 "message": "A String", # Human-readable message indicating details about last transition. +optional 21793 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 21794 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 21795 "status": "A String", # Status of the condition, one of True, False, Unknown. 21796 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 21797 }, 21798 ], 21799 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 21800 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 21801 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 21802 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 21803 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 21804 { # TrafficTarget holds a single entry of the routing table for a Route. 21805 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 21806 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 21807 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 21808 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 21809 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 21810 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 21811 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 21812 }, 21813 ], 21814 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 21815 }, 21816} 21817 21818 x__xgafv: string, V1 error format. 21819 Allowed values 21820 1 - v1 error format 21821 2 - v2 error format 21822 21823Returns: 21824 An object of the form: 21825 21826 { # Service acts as a top-level container that manages a set of Routes and Configurations which implement a network service. Service exists to provide a singular abstraction which can be access controlled, reasoned about, and which encapsulates software lifecycle decisions such as rollout policy and team resource ownership. Service acts only as an orchestrator of the underlying Routes and Configurations (much as a kubernetes Deployment orchestrates ReplicaSets). The Service's controller will track the statuses of its owned Configuration and Route, reflecting their statuses and conditions as its own. See also: https://github.com/knative/serving/blob/master/docs/spec/overview.md#service 21827 "apiVersion": "A String", # The API version for this call such as "serving.knative.dev/v1alpha1". 21828 "kind": "A String", # The kind of resource, in this case "Service". 21829 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Metadata associated with this Service, including name, namespace, labels, and annotations. 21830 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 21831 "a_key": "A String", 21832 }, 21833 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 21834 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21835 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 21836 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21837 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 21838 "A String", 21839 ], 21840 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 21841 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 21842 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 21843 "a_key": "A String", 21844 }, 21845 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 21846 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 21847 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 21848 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 21849 "apiVersion": "A String", # API version of the referent. 21850 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 21851 "controller": True or False, # If true, this reference points to the managing controller. +optional 21852 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 21853 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 21854 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 21855 }, 21856 ], 21857 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 21858 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 21859 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 21860 }, 21861 "spec": { # ServiceSpec holds the desired state of the Route (from the client), which is used to manipulate the underlying Route and Configuration(s). # Spec holds the desired state of the Service (from the client). 21862 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21863 "manual": { # ServiceSpecManualType contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. # Manual contains the options for configuring a manual service. See ServiceSpec for more details. Not currently supported by Cloud Run. 21864 }, 21865 "pinned": { # ServiceSpecPinnedType Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. # Pins this service to a specific revision name. The revision must be owned by the configuration provided. Deprecated and not supported by Cloud Run. +optional 21866 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 21867 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 21868 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 21869 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 21870 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 21871 "a_key": "A String", 21872 }, 21873 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 21874 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21875 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 21876 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 21877 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 21878 "A String", 21879 ], 21880 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 21881 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 21882 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 21883 "a_key": "A String", 21884 }, 21885 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 21886 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 21887 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 21888 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 21889 "apiVersion": "A String", # API version of the referent. 21890 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 21891 "controller": True or False, # If true, this reference points to the managing controller. +optional 21892 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 21893 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 21894 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 21895 }, 21896 ], 21897 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 21898 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 21899 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 21900 }, 21901 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 21902 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 21903 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 21904 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21905 "A String", 21906 ], 21907 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 21908 "A String", 21909 ], 21910 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 21911 { # EnvVar represents an environment variable present in a Container. 21912 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 21913 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 21914 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 21915 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 21916 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 21917 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21918 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21919 }, 21920 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 21921 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 21922 }, 21923 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 21924 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 21925 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21926 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21927 }, 21928 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 21929 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 21930 }, 21931 }, 21932 }, 21933 ], 21934 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 21935 { # EnvFromSource represents the source of a set of ConfigMaps 21936 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 21937 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21938 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21939 }, 21940 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 21941 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 21942 }, 21943 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 21944 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 21945 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 21946 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 21947 }, 21948 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 21949 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 21950 }, 21951 }, 21952 ], 21953 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 21954 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 21955 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 21956 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21957 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21958 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21959 "A String", 21960 ], 21961 }, 21962 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21963 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21964 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21965 { # HTTPHeader describes a custom header to be used in HTTP probes 21966 "name": "A String", # The header field name 21967 "value": "A String", # The header field value 21968 }, 21969 ], 21970 "path": "A String", # Path to access on the HTTP server. +optional 21971 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21972 "intVal": 42, # The int value. 21973 "strVal": "A String", # The string value. 21974 "type": 42, # The type of the value. 21975 }, 21976 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 21977 }, 21978 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 21979 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 21980 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 21981 "intVal": 42, # The int value. 21982 "strVal": "A String", # The string value. 21983 "type": 42, # The type of the value. 21984 }, 21985 }, 21986 }, 21987 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 21988 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 21989 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 21990 "A String", 21991 ], 21992 }, 21993 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 21994 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 21995 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 21996 { # HTTPHeader describes a custom header to be used in HTTP probes 21997 "name": "A String", # The header field name 21998 "value": "A String", # The header field value 21999 }, 22000 ], 22001 "path": "A String", # Path to access on the HTTP server. +optional 22002 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22003 "intVal": 42, # The int value. 22004 "strVal": "A String", # The string value. 22005 "type": 42, # The type of the value. 22006 }, 22007 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22008 }, 22009 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22010 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22011 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22012 "intVal": 42, # The int value. 22013 "strVal": "A String", # The string value. 22014 "type": 42, # The type of the value. 22015 }, 22016 }, 22017 }, 22018 }, 22019 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22020 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22021 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22022 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22023 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22024 "A String", 22025 ], 22026 }, 22027 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22028 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22029 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22030 { # HTTPHeader describes a custom header to be used in HTTP probes 22031 "name": "A String", # The header field name 22032 "value": "A String", # The header field value 22033 }, 22034 ], 22035 "path": "A String", # Path to access on the HTTP server. +optional 22036 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22037 "intVal": 42, # The int value. 22038 "strVal": "A String", # The string value. 22039 "type": 42, # The type of the value. 22040 }, 22041 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22042 }, 22043 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22044 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22045 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22046 "intVal": 42, # The int value. 22047 "strVal": "A String", # The string value. 22048 "type": 42, # The type of the value. 22049 }, 22050 }, 22051 }, 22052 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22053 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22054 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22055 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22056 }, 22057 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22058 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22059 { # ContainerPort represents a network port in a single container. 22060 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22061 "hostIP": "A String", # What host IP to bind the external port to. +optional 22062 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22063 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22064 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22065 }, 22066 ], 22067 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22068 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22069 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22070 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22071 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22072 "A String", 22073 ], 22074 }, 22075 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22076 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22077 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22078 { # HTTPHeader describes a custom header to be used in HTTP probes 22079 "name": "A String", # The header field name 22080 "value": "A String", # The header field value 22081 }, 22082 ], 22083 "path": "A String", # Path to access on the HTTP server. +optional 22084 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22085 "intVal": 42, # The int value. 22086 "strVal": "A String", # The string value. 22087 "type": 42, # The type of the value. 22088 }, 22089 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22090 }, 22091 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22092 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22093 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22094 "intVal": 42, # The int value. 22095 "strVal": "A String", # The string value. 22096 "type": 42, # The type of the value. 22097 }, 22098 }, 22099 }, 22100 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22101 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22102 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22103 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22104 }, 22105 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22106 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22107 "a_key": "A String", 22108 }, 22109 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22110 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22111 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22112 }, 22113 }, 22114 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22115 "a_key": "A String", 22116 }, 22117 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22118 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22119 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22120 }, 22121 }, 22122 }, 22123 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22124 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22125 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22126 "add": [ # Added capabilities +optional 22127 "A String", 22128 ], 22129 "drop": [ # Removed capabilities +optional 22130 "A String", 22131 ], 22132 }, 22133 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22134 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22135 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22136 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22137 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22138 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22139 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22140 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22141 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22142 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22143 }, 22144 }, 22145 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22146 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22147 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22148 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22149 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22150 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22151 { # volumeDevice describes a mapping of a raw block device within a container. 22152 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22153 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22154 }, 22155 ], 22156 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22157 { # VolumeMount describes a mounting of a Volume within a container. 22158 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22159 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22160 "name": "A String", # This must match the Name of a Volume. 22161 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22162 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22163 }, 22164 ], 22165 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22166 }, 22167 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 22168 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 22169 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 22170 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22171 "A String", 22172 ], 22173 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22174 "A String", 22175 ], 22176 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 22177 { # EnvVar represents an environment variable present in a Container. 22178 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 22179 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 22180 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 22181 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 22182 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 22183 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22184 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22185 }, 22186 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 22187 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 22188 }, 22189 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 22190 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 22191 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22192 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22193 }, 22194 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 22195 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 22196 }, 22197 }, 22198 }, 22199 ], 22200 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 22201 { # EnvFromSource represents the source of a set of ConfigMaps 22202 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 22203 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22204 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22205 }, 22206 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 22207 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 22208 }, 22209 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 22210 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 22211 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22212 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22213 }, 22214 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 22215 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 22216 }, 22217 }, 22218 ], 22219 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 22220 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 22221 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 22222 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22223 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22224 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22225 "A String", 22226 ], 22227 }, 22228 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22229 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22230 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22231 { # HTTPHeader describes a custom header to be used in HTTP probes 22232 "name": "A String", # The header field name 22233 "value": "A String", # The header field value 22234 }, 22235 ], 22236 "path": "A String", # Path to access on the HTTP server. +optional 22237 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22238 "intVal": 42, # The int value. 22239 "strVal": "A String", # The string value. 22240 "type": 42, # The type of the value. 22241 }, 22242 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22243 }, 22244 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22245 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22246 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22247 "intVal": 42, # The int value. 22248 "strVal": "A String", # The string value. 22249 "type": 42, # The type of the value. 22250 }, 22251 }, 22252 }, 22253 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22254 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22255 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22256 "A String", 22257 ], 22258 }, 22259 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22260 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22261 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22262 { # HTTPHeader describes a custom header to be used in HTTP probes 22263 "name": "A String", # The header field name 22264 "value": "A String", # The header field value 22265 }, 22266 ], 22267 "path": "A String", # Path to access on the HTTP server. +optional 22268 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22269 "intVal": 42, # The int value. 22270 "strVal": "A String", # The string value. 22271 "type": 42, # The type of the value. 22272 }, 22273 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22274 }, 22275 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22276 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22277 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22278 "intVal": 42, # The int value. 22279 "strVal": "A String", # The string value. 22280 "type": 42, # The type of the value. 22281 }, 22282 }, 22283 }, 22284 }, 22285 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22286 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22287 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22288 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22289 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22290 "A String", 22291 ], 22292 }, 22293 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22294 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22295 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22296 { # HTTPHeader describes a custom header to be used in HTTP probes 22297 "name": "A String", # The header field name 22298 "value": "A String", # The header field value 22299 }, 22300 ], 22301 "path": "A String", # Path to access on the HTTP server. +optional 22302 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22303 "intVal": 42, # The int value. 22304 "strVal": "A String", # The string value. 22305 "type": 42, # The type of the value. 22306 }, 22307 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22308 }, 22309 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22310 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22311 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22312 "intVal": 42, # The int value. 22313 "strVal": "A String", # The string value. 22314 "type": 42, # The type of the value. 22315 }, 22316 }, 22317 }, 22318 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22319 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22320 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22321 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22322 }, 22323 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22324 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22325 { # ContainerPort represents a network port in a single container. 22326 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22327 "hostIP": "A String", # What host IP to bind the external port to. +optional 22328 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22329 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22330 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22331 }, 22332 ], 22333 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22334 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22335 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22336 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22337 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22338 "A String", 22339 ], 22340 }, 22341 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22342 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22343 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22344 { # HTTPHeader describes a custom header to be used in HTTP probes 22345 "name": "A String", # The header field name 22346 "value": "A String", # The header field value 22347 }, 22348 ], 22349 "path": "A String", # Path to access on the HTTP server. +optional 22350 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22351 "intVal": 42, # The int value. 22352 "strVal": "A String", # The string value. 22353 "type": 42, # The type of the value. 22354 }, 22355 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22356 }, 22357 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22358 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22359 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22360 "intVal": 42, # The int value. 22361 "strVal": "A String", # The string value. 22362 "type": 42, # The type of the value. 22363 }, 22364 }, 22365 }, 22366 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22367 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22368 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22369 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22370 }, 22371 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22372 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22373 "a_key": "A String", 22374 }, 22375 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22376 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22377 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22378 }, 22379 }, 22380 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22381 "a_key": "A String", 22382 }, 22383 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22384 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22385 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22386 }, 22387 }, 22388 }, 22389 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22390 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22391 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22392 "add": [ # Added capabilities +optional 22393 "A String", 22394 ], 22395 "drop": [ # Removed capabilities +optional 22396 "A String", 22397 ], 22398 }, 22399 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22400 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22401 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22402 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22403 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22404 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22405 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22406 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22407 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22408 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22409 }, 22410 }, 22411 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22412 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22413 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22414 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22415 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22416 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22417 { # volumeDevice describes a mapping of a raw block device within a container. 22418 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22419 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22420 }, 22421 ], 22422 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22423 { # VolumeMount describes a mounting of a Volume within a container. 22424 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22425 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22426 "name": "A String", # This must match the Name of a Volume. 22427 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22428 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22429 }, 22430 ], 22431 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22432 }, 22433 ], 22434 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 22435 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 22436 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 22437 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 22438 "volumes": [ 22439 { # Volume represents a named volume in a container. 22440 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 22441 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 22442 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 22443 { # Maps a string key to a path within a volume. 22444 "key": "A String", # The key to project. 22445 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 22446 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 22447 }, 22448 ], 22449 "name": "A String", # Name of the config. 22450 "optional": True or False, # Specify whether the Secret or its keys must be defined. 22451 }, 22452 "name": "A String", # Volume's name. 22453 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 22454 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 22455 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 22456 { # Maps a string key to a path within a volume. 22457 "key": "A String", # The key to project. 22458 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 22459 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 22460 }, 22461 ], 22462 "optional": True or False, # Specify whether the Secret or its keys must be defined. 22463 "secretName": "A String", # Name of the secret in the container's namespace to use. 22464 }, 22465 }, 22466 ], 22467 }, 22468 }, 22469 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 22470 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 22471 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 22472 "a_key": "A String", 22473 }, 22474 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 22475 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 22476 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 22477 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 22478 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 22479 "A String", 22480 ], 22481 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 22482 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 22483 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 22484 "a_key": "A String", 22485 }, 22486 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 22487 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 22488 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 22489 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 22490 "apiVersion": "A String", # API version of the referent. 22491 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 22492 "controller": True or False, # If true, this reference points to the managing controller. +optional 22493 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 22494 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 22495 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 22496 }, 22497 ], 22498 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 22499 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 22500 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 22501 }, 22502 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 22503 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 22504 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 22505 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22506 "A String", 22507 ], 22508 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22509 "A String", 22510 ], 22511 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 22512 { # EnvVar represents an environment variable present in a Container. 22513 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 22514 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 22515 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 22516 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 22517 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 22518 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22519 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22520 }, 22521 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 22522 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 22523 }, 22524 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 22525 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 22526 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22527 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22528 }, 22529 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 22530 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 22531 }, 22532 }, 22533 }, 22534 ], 22535 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 22536 { # EnvFromSource represents the source of a set of ConfigMaps 22537 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 22538 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22539 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22540 }, 22541 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 22542 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 22543 }, 22544 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 22545 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 22546 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22547 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22548 }, 22549 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 22550 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 22551 }, 22552 }, 22553 ], 22554 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 22555 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 22556 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 22557 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22558 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22559 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22560 "A String", 22561 ], 22562 }, 22563 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22564 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22565 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22566 { # HTTPHeader describes a custom header to be used in HTTP probes 22567 "name": "A String", # The header field name 22568 "value": "A String", # The header field value 22569 }, 22570 ], 22571 "path": "A String", # Path to access on the HTTP server. +optional 22572 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22573 "intVal": 42, # The int value. 22574 "strVal": "A String", # The string value. 22575 "type": 42, # The type of the value. 22576 }, 22577 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22578 }, 22579 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22580 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22581 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22582 "intVal": 42, # The int value. 22583 "strVal": "A String", # The string value. 22584 "type": 42, # The type of the value. 22585 }, 22586 }, 22587 }, 22588 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22589 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22590 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22591 "A String", 22592 ], 22593 }, 22594 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22595 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22596 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22597 { # HTTPHeader describes a custom header to be used in HTTP probes 22598 "name": "A String", # The header field name 22599 "value": "A String", # The header field value 22600 }, 22601 ], 22602 "path": "A String", # Path to access on the HTTP server. +optional 22603 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22604 "intVal": 42, # The int value. 22605 "strVal": "A String", # The string value. 22606 "type": 42, # The type of the value. 22607 }, 22608 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22609 }, 22610 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22611 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22612 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22613 "intVal": 42, # The int value. 22614 "strVal": "A String", # The string value. 22615 "type": 42, # The type of the value. 22616 }, 22617 }, 22618 }, 22619 }, 22620 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22621 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22622 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22623 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22624 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22625 "A String", 22626 ], 22627 }, 22628 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22629 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22630 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22631 { # HTTPHeader describes a custom header to be used in HTTP probes 22632 "name": "A String", # The header field name 22633 "value": "A String", # The header field value 22634 }, 22635 ], 22636 "path": "A String", # Path to access on the HTTP server. +optional 22637 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22638 "intVal": 42, # The int value. 22639 "strVal": "A String", # The string value. 22640 "type": 42, # The type of the value. 22641 }, 22642 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22643 }, 22644 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22645 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22646 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22647 "intVal": 42, # The int value. 22648 "strVal": "A String", # The string value. 22649 "type": 42, # The type of the value. 22650 }, 22651 }, 22652 }, 22653 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22654 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22655 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22656 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22657 }, 22658 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22659 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22660 { # ContainerPort represents a network port in a single container. 22661 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22662 "hostIP": "A String", # What host IP to bind the external port to. +optional 22663 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22664 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22665 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22666 }, 22667 ], 22668 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22669 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22670 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22671 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22672 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22673 "A String", 22674 ], 22675 }, 22676 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22677 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22678 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22679 { # HTTPHeader describes a custom header to be used in HTTP probes 22680 "name": "A String", # The header field name 22681 "value": "A String", # The header field value 22682 }, 22683 ], 22684 "path": "A String", # Path to access on the HTTP server. +optional 22685 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22686 "intVal": 42, # The int value. 22687 "strVal": "A String", # The string value. 22688 "type": 42, # The type of the value. 22689 }, 22690 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22691 }, 22692 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22693 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22694 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22695 "intVal": 42, # The int value. 22696 "strVal": "A String", # The string value. 22697 "type": 42, # The type of the value. 22698 }, 22699 }, 22700 }, 22701 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22702 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22703 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22704 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22705 }, 22706 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22707 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22708 "a_key": "A String", 22709 }, 22710 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22711 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22712 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22713 }, 22714 }, 22715 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22716 "a_key": "A String", 22717 }, 22718 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22719 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22720 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22721 }, 22722 }, 22723 }, 22724 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22725 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22726 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22727 "add": [ # Added capabilities +optional 22728 "A String", 22729 ], 22730 "drop": [ # Removed capabilities +optional 22731 "A String", 22732 ], 22733 }, 22734 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 22735 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 22736 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22737 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22738 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22739 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 22740 "level": "A String", # Level is SELinux level label that applies to the container. +optional 22741 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 22742 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 22743 "user": "A String", # User is a SELinux user label that applies to the container. +optional 22744 }, 22745 }, 22746 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 22747 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 22748 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 22749 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 22750 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 22751 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 22752 { # volumeDevice describes a mapping of a raw block device within a container. 22753 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 22754 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 22755 }, 22756 ], 22757 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 22758 { # VolumeMount describes a mounting of a Volume within a container. 22759 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 22760 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 22761 "name": "A String", # This must match the Name of a Volume. 22762 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 22763 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 22764 }, 22765 ], 22766 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 22767 }, 22768 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 22769 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 22770 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 22771 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22772 "A String", 22773 ], 22774 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 22775 "A String", 22776 ], 22777 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 22778 { # EnvVar represents an environment variable present in a Container. 22779 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 22780 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 22781 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 22782 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 22783 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 22784 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22785 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22786 }, 22787 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 22788 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 22789 }, 22790 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 22791 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 22792 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22793 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22794 }, 22795 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 22796 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 22797 }, 22798 }, 22799 }, 22800 ], 22801 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 22802 { # EnvFromSource represents the source of a set of ConfigMaps 22803 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 22804 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22805 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22806 }, 22807 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 22808 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 22809 }, 22810 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 22811 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 22812 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 22813 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 22814 }, 22815 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 22816 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 22817 }, 22818 }, 22819 ], 22820 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 22821 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 22822 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 22823 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22824 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22825 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22826 "A String", 22827 ], 22828 }, 22829 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22830 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22831 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22832 { # HTTPHeader describes a custom header to be used in HTTP probes 22833 "name": "A String", # The header field name 22834 "value": "A String", # The header field value 22835 }, 22836 ], 22837 "path": "A String", # Path to access on the HTTP server. +optional 22838 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22839 "intVal": 42, # The int value. 22840 "strVal": "A String", # The string value. 22841 "type": 42, # The type of the value. 22842 }, 22843 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22844 }, 22845 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22846 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22847 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22848 "intVal": 42, # The int value. 22849 "strVal": "A String", # The string value. 22850 "type": 42, # The type of the value. 22851 }, 22852 }, 22853 }, 22854 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 22855 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22856 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22857 "A String", 22858 ], 22859 }, 22860 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22861 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22862 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22863 { # HTTPHeader describes a custom header to be used in HTTP probes 22864 "name": "A String", # The header field name 22865 "value": "A String", # The header field value 22866 }, 22867 ], 22868 "path": "A String", # Path to access on the HTTP server. +optional 22869 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22870 "intVal": 42, # The int value. 22871 "strVal": "A String", # The string value. 22872 "type": 42, # The type of the value. 22873 }, 22874 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22875 }, 22876 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22877 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22878 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22879 "intVal": 42, # The int value. 22880 "strVal": "A String", # The string value. 22881 "type": 42, # The type of the value. 22882 }, 22883 }, 22884 }, 22885 }, 22886 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22887 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22888 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22889 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22890 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22891 "A String", 22892 ], 22893 }, 22894 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22895 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22896 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22897 { # HTTPHeader describes a custom header to be used in HTTP probes 22898 "name": "A String", # The header field name 22899 "value": "A String", # The header field value 22900 }, 22901 ], 22902 "path": "A String", # Path to access on the HTTP server. +optional 22903 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22904 "intVal": 42, # The int value. 22905 "strVal": "A String", # The string value. 22906 "type": 42, # The type of the value. 22907 }, 22908 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22909 }, 22910 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22911 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22912 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22913 "intVal": 42, # The int value. 22914 "strVal": "A String", # The string value. 22915 "type": 42, # The type of the value. 22916 }, 22917 }, 22918 }, 22919 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22920 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22921 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22922 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22923 }, 22924 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 22925 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 22926 { # ContainerPort represents a network port in a single container. 22927 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 22928 "hostIP": "A String", # What host IP to bind the external port to. +optional 22929 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 22930 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 22931 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 22932 }, 22933 ], 22934 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22935 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 22936 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 22937 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 22938 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 22939 "A String", 22940 ], 22941 }, 22942 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 22943 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 22944 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 22945 { # HTTPHeader describes a custom header to be used in HTTP probes 22946 "name": "A String", # The header field name 22947 "value": "A String", # The header field value 22948 }, 22949 ], 22950 "path": "A String", # Path to access on the HTTP server. +optional 22951 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22952 "intVal": 42, # The int value. 22953 "strVal": "A String", # The string value. 22954 "type": 42, # The type of the value. 22955 }, 22956 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 22957 }, 22958 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 22959 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 22960 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 22961 "intVal": 42, # The int value. 22962 "strVal": "A String", # The string value. 22963 "type": 42, # The type of the value. 22964 }, 22965 }, 22966 }, 22967 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22968 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 22969 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 22970 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 22971 }, 22972 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 22973 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22974 "a_key": "A String", 22975 }, 22976 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 22977 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22978 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22979 }, 22980 }, 22981 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 22982 "a_key": "A String", 22983 }, 22984 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 22985 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 22986 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 22987 }, 22988 }, 22989 }, 22990 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 22991 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 22992 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 22993 "add": [ # Added capabilities +optional 22994 "A String", 22995 ], 22996 "drop": [ # Removed capabilities +optional 22997 "A String", 22998 ], 22999 }, 23000 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23001 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23002 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23003 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23004 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23005 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23006 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23007 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23008 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23009 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23010 }, 23011 }, 23012 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23013 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23014 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23015 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23016 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23017 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23018 { # volumeDevice describes a mapping of a raw block device within a container. 23019 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23020 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23021 }, 23022 ], 23023 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23024 { # VolumeMount describes a mounting of a Volume within a container. 23025 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23026 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23027 "name": "A String", # This must match the Name of a Volume. 23028 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23029 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23030 }, 23031 ], 23032 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23033 }, 23034 ], 23035 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 23036 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 23037 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 23038 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 23039 "volumes": [ 23040 { # Volume represents a named volume in a container. 23041 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 23042 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 23043 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23044 { # Maps a string key to a path within a volume. 23045 "key": "A String", # The key to project. 23046 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23047 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23048 }, 23049 ], 23050 "name": "A String", # Name of the config. 23051 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23052 }, 23053 "name": "A String", # Volume's name. 23054 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 23055 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 23056 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23057 { # Maps a string key to a path within a volume. 23058 "key": "A String", # The key to project. 23059 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23060 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23061 }, 23062 ], 23063 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23064 "secretName": "A String", # Name of the secret in the container's namespace to use. 23065 }, 23066 }, 23067 ], 23068 }, 23069 }, 23070 }, 23071 "revisionName": "A String", # The revision name to pin this service to until changed to a different service type. 23072 }, 23073 "release": { # ServiceSpecReleaseType contains the options for slowly releasing revisions. See ServiceSpec for more details. Not currently supported by Cloud Run. # Release enables gradual promotion of new revisions by allowing traffic to be split between two revisions. This type replaces the deprecated Pinned type. Not currently supported by Cloud Run. 23074 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. All revisions from this service must come from a single configuration. 23075 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 23076 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 23077 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 23078 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 23079 "a_key": "A String", 23080 }, 23081 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 23082 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23083 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 23084 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23085 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 23086 "A String", 23087 ], 23088 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 23089 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 23090 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 23091 "a_key": "A String", 23092 }, 23093 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 23094 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 23095 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 23096 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 23097 "apiVersion": "A String", # API version of the referent. 23098 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 23099 "controller": True or False, # If true, this reference points to the managing controller. +optional 23100 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 23101 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 23102 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 23103 }, 23104 ], 23105 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 23106 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 23107 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 23108 }, 23109 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 23110 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 23111 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 23112 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23113 "A String", 23114 ], 23115 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23116 "A String", 23117 ], 23118 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23119 { # EnvVar represents an environment variable present in a Container. 23120 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23121 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23122 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23123 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23124 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23125 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23126 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23127 }, 23128 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23129 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23130 }, 23131 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23132 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23133 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23134 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23135 }, 23136 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23137 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23138 }, 23139 }, 23140 }, 23141 ], 23142 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23143 { # EnvFromSource represents the source of a set of ConfigMaps 23144 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23145 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23146 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23147 }, 23148 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23149 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23150 }, 23151 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23152 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23153 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23154 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23155 }, 23156 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23157 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23158 }, 23159 }, 23160 ], 23161 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23162 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23163 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23164 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23165 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23166 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23167 "A String", 23168 ], 23169 }, 23170 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23171 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23172 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23173 { # HTTPHeader describes a custom header to be used in HTTP probes 23174 "name": "A String", # The header field name 23175 "value": "A String", # The header field value 23176 }, 23177 ], 23178 "path": "A String", # Path to access on the HTTP server. +optional 23179 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23180 "intVal": 42, # The int value. 23181 "strVal": "A String", # The string value. 23182 "type": 42, # The type of the value. 23183 }, 23184 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23185 }, 23186 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23187 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23188 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23189 "intVal": 42, # The int value. 23190 "strVal": "A String", # The string value. 23191 "type": 42, # The type of the value. 23192 }, 23193 }, 23194 }, 23195 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23196 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23197 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23198 "A String", 23199 ], 23200 }, 23201 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23202 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23203 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23204 { # HTTPHeader describes a custom header to be used in HTTP probes 23205 "name": "A String", # The header field name 23206 "value": "A String", # The header field value 23207 }, 23208 ], 23209 "path": "A String", # Path to access on the HTTP server. +optional 23210 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23211 "intVal": 42, # The int value. 23212 "strVal": "A String", # The string value. 23213 "type": 42, # The type of the value. 23214 }, 23215 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23216 }, 23217 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23218 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23219 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23220 "intVal": 42, # The int value. 23221 "strVal": "A String", # The string value. 23222 "type": 42, # The type of the value. 23223 }, 23224 }, 23225 }, 23226 }, 23227 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23228 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23229 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23230 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23231 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23232 "A String", 23233 ], 23234 }, 23235 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23236 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23237 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23238 { # HTTPHeader describes a custom header to be used in HTTP probes 23239 "name": "A String", # The header field name 23240 "value": "A String", # The header field value 23241 }, 23242 ], 23243 "path": "A String", # Path to access on the HTTP server. +optional 23244 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23245 "intVal": 42, # The int value. 23246 "strVal": "A String", # The string value. 23247 "type": 42, # The type of the value. 23248 }, 23249 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23250 }, 23251 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23252 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23253 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23254 "intVal": 42, # The int value. 23255 "strVal": "A String", # The string value. 23256 "type": 42, # The type of the value. 23257 }, 23258 }, 23259 }, 23260 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23261 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23262 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23263 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23264 }, 23265 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 23266 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 23267 { # ContainerPort represents a network port in a single container. 23268 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 23269 "hostIP": "A String", # What host IP to bind the external port to. +optional 23270 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 23271 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 23272 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 23273 }, 23274 ], 23275 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23276 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23277 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23278 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23279 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23280 "A String", 23281 ], 23282 }, 23283 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23284 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23285 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23286 { # HTTPHeader describes a custom header to be used in HTTP probes 23287 "name": "A String", # The header field name 23288 "value": "A String", # The header field value 23289 }, 23290 ], 23291 "path": "A String", # Path to access on the HTTP server. +optional 23292 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23293 "intVal": 42, # The int value. 23294 "strVal": "A String", # The string value. 23295 "type": 42, # The type of the value. 23296 }, 23297 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23298 }, 23299 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23300 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23301 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23302 "intVal": 42, # The int value. 23303 "strVal": "A String", # The string value. 23304 "type": 42, # The type of the value. 23305 }, 23306 }, 23307 }, 23308 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23309 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23310 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23311 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23312 }, 23313 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 23314 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23315 "a_key": "A String", 23316 }, 23317 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 23318 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23319 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23320 }, 23321 }, 23322 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23323 "a_key": "A String", 23324 }, 23325 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 23326 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23327 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23328 }, 23329 }, 23330 }, 23331 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 23332 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 23333 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 23334 "add": [ # Added capabilities +optional 23335 "A String", 23336 ], 23337 "drop": [ # Removed capabilities +optional 23338 "A String", 23339 ], 23340 }, 23341 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23342 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23343 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23344 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23345 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23346 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23347 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23348 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23349 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23350 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23351 }, 23352 }, 23353 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23354 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23355 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23356 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23357 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23358 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23359 { # volumeDevice describes a mapping of a raw block device within a container. 23360 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23361 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23362 }, 23363 ], 23364 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23365 { # VolumeMount describes a mounting of a Volume within a container. 23366 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23367 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23368 "name": "A String", # This must match the Name of a Volume. 23369 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23370 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23371 }, 23372 ], 23373 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23374 }, 23375 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 23376 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 23377 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 23378 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23379 "A String", 23380 ], 23381 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23382 "A String", 23383 ], 23384 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23385 { # EnvVar represents an environment variable present in a Container. 23386 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23387 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23388 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23389 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23390 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23391 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23392 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23393 }, 23394 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23395 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23396 }, 23397 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23398 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23399 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23400 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23401 }, 23402 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23403 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23404 }, 23405 }, 23406 }, 23407 ], 23408 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23409 { # EnvFromSource represents the source of a set of ConfigMaps 23410 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23411 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23412 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23413 }, 23414 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23415 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23416 }, 23417 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23418 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23419 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23420 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23421 }, 23422 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23423 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23424 }, 23425 }, 23426 ], 23427 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23428 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23429 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23430 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23431 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23432 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23433 "A String", 23434 ], 23435 }, 23436 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23437 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23438 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23439 { # HTTPHeader describes a custom header to be used in HTTP probes 23440 "name": "A String", # The header field name 23441 "value": "A String", # The header field value 23442 }, 23443 ], 23444 "path": "A String", # Path to access on the HTTP server. +optional 23445 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23446 "intVal": 42, # The int value. 23447 "strVal": "A String", # The string value. 23448 "type": 42, # The type of the value. 23449 }, 23450 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23451 }, 23452 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23453 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23454 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23455 "intVal": 42, # The int value. 23456 "strVal": "A String", # The string value. 23457 "type": 42, # The type of the value. 23458 }, 23459 }, 23460 }, 23461 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23462 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23463 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23464 "A String", 23465 ], 23466 }, 23467 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23468 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23469 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23470 { # HTTPHeader describes a custom header to be used in HTTP probes 23471 "name": "A String", # The header field name 23472 "value": "A String", # The header field value 23473 }, 23474 ], 23475 "path": "A String", # Path to access on the HTTP server. +optional 23476 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23477 "intVal": 42, # The int value. 23478 "strVal": "A String", # The string value. 23479 "type": 42, # The type of the value. 23480 }, 23481 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23482 }, 23483 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23484 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23485 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23486 "intVal": 42, # The int value. 23487 "strVal": "A String", # The string value. 23488 "type": 42, # The type of the value. 23489 }, 23490 }, 23491 }, 23492 }, 23493 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23494 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23495 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23496 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23497 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23498 "A String", 23499 ], 23500 }, 23501 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23502 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23503 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23504 { # HTTPHeader describes a custom header to be used in HTTP probes 23505 "name": "A String", # The header field name 23506 "value": "A String", # The header field value 23507 }, 23508 ], 23509 "path": "A String", # Path to access on the HTTP server. +optional 23510 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23511 "intVal": 42, # The int value. 23512 "strVal": "A String", # The string value. 23513 "type": 42, # The type of the value. 23514 }, 23515 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23516 }, 23517 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23518 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23519 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23520 "intVal": 42, # The int value. 23521 "strVal": "A String", # The string value. 23522 "type": 42, # The type of the value. 23523 }, 23524 }, 23525 }, 23526 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23527 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23528 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23529 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23530 }, 23531 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 23532 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 23533 { # ContainerPort represents a network port in a single container. 23534 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 23535 "hostIP": "A String", # What host IP to bind the external port to. +optional 23536 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 23537 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 23538 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 23539 }, 23540 ], 23541 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23542 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23543 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23544 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23545 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23546 "A String", 23547 ], 23548 }, 23549 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23550 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23551 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23552 { # HTTPHeader describes a custom header to be used in HTTP probes 23553 "name": "A String", # The header field name 23554 "value": "A String", # The header field value 23555 }, 23556 ], 23557 "path": "A String", # Path to access on the HTTP server. +optional 23558 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23559 "intVal": 42, # The int value. 23560 "strVal": "A String", # The string value. 23561 "type": 42, # The type of the value. 23562 }, 23563 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23564 }, 23565 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23566 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23567 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23568 "intVal": 42, # The int value. 23569 "strVal": "A String", # The string value. 23570 "type": 42, # The type of the value. 23571 }, 23572 }, 23573 }, 23574 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23575 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23576 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23577 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23578 }, 23579 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 23580 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23581 "a_key": "A String", 23582 }, 23583 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 23584 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23585 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23586 }, 23587 }, 23588 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23589 "a_key": "A String", 23590 }, 23591 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 23592 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23593 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23594 }, 23595 }, 23596 }, 23597 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 23598 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 23599 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 23600 "add": [ # Added capabilities +optional 23601 "A String", 23602 ], 23603 "drop": [ # Removed capabilities +optional 23604 "A String", 23605 ], 23606 }, 23607 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23608 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23609 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23610 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23611 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23612 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23613 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23614 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23615 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23616 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23617 }, 23618 }, 23619 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23620 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23621 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23622 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23623 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23624 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23625 { # volumeDevice describes a mapping of a raw block device within a container. 23626 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23627 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23628 }, 23629 ], 23630 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23631 { # VolumeMount describes a mounting of a Volume within a container. 23632 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23633 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23634 "name": "A String", # This must match the Name of a Volume. 23635 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23636 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23637 }, 23638 ], 23639 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23640 }, 23641 ], 23642 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 23643 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 23644 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 23645 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 23646 "volumes": [ 23647 { # Volume represents a named volume in a container. 23648 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 23649 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 23650 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23651 { # Maps a string key to a path within a volume. 23652 "key": "A String", # The key to project. 23653 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23654 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23655 }, 23656 ], 23657 "name": "A String", # Name of the config. 23658 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23659 }, 23660 "name": "A String", # Volume's name. 23661 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 23662 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 23663 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 23664 { # Maps a string key to a path within a volume. 23665 "key": "A String", # The key to project. 23666 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 23667 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 23668 }, 23669 ], 23670 "optional": True or False, # Specify whether the Secret or its keys must be defined. 23671 "secretName": "A String", # Name of the secret in the container's namespace to use. 23672 }, 23673 }, 23674 ], 23675 }, 23676 }, 23677 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 23678 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 23679 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 23680 "a_key": "A String", 23681 }, 23682 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 23683 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23684 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 23685 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 23686 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 23687 "A String", 23688 ], 23689 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 23690 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 23691 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 23692 "a_key": "A String", 23693 }, 23694 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 23695 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 23696 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 23697 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 23698 "apiVersion": "A String", # API version of the referent. 23699 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 23700 "controller": True or False, # If true, this reference points to the managing controller. +optional 23701 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 23702 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 23703 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 23704 }, 23705 ], 23706 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 23707 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 23708 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 23709 }, 23710 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 23711 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 23712 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 23713 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23714 "A String", 23715 ], 23716 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23717 "A String", 23718 ], 23719 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23720 { # EnvVar represents an environment variable present in a Container. 23721 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23722 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23723 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23724 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23725 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23726 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23727 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23728 }, 23729 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23730 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23731 }, 23732 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23733 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 23734 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23735 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23736 }, 23737 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 23738 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 23739 }, 23740 }, 23741 }, 23742 ], 23743 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 23744 { # EnvFromSource represents the source of a set of ConfigMaps 23745 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 23746 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23747 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23748 }, 23749 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 23750 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 23751 }, 23752 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 23753 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 23754 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23755 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23756 }, 23757 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 23758 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 23759 }, 23760 }, 23761 ], 23762 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 23763 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 23764 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 23765 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23766 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23767 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23768 "A String", 23769 ], 23770 }, 23771 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23772 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23773 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23774 { # HTTPHeader describes a custom header to be used in HTTP probes 23775 "name": "A String", # The header field name 23776 "value": "A String", # The header field value 23777 }, 23778 ], 23779 "path": "A String", # Path to access on the HTTP server. +optional 23780 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23781 "intVal": 42, # The int value. 23782 "strVal": "A String", # The string value. 23783 "type": 42, # The type of the value. 23784 }, 23785 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23786 }, 23787 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23788 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23789 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23790 "intVal": 42, # The int value. 23791 "strVal": "A String", # The string value. 23792 "type": 42, # The type of the value. 23793 }, 23794 }, 23795 }, 23796 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 23797 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23798 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23799 "A String", 23800 ], 23801 }, 23802 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23803 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23804 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23805 { # HTTPHeader describes a custom header to be used in HTTP probes 23806 "name": "A String", # The header field name 23807 "value": "A String", # The header field value 23808 }, 23809 ], 23810 "path": "A String", # Path to access on the HTTP server. +optional 23811 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23812 "intVal": 42, # The int value. 23813 "strVal": "A String", # The string value. 23814 "type": 42, # The type of the value. 23815 }, 23816 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23817 }, 23818 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23819 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23820 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23821 "intVal": 42, # The int value. 23822 "strVal": "A String", # The string value. 23823 "type": 42, # The type of the value. 23824 }, 23825 }, 23826 }, 23827 }, 23828 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23829 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23830 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23831 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23832 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23833 "A String", 23834 ], 23835 }, 23836 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23837 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23838 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23839 { # HTTPHeader describes a custom header to be used in HTTP probes 23840 "name": "A String", # The header field name 23841 "value": "A String", # The header field value 23842 }, 23843 ], 23844 "path": "A String", # Path to access on the HTTP server. +optional 23845 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23846 "intVal": 42, # The int value. 23847 "strVal": "A String", # The string value. 23848 "type": 42, # The type of the value. 23849 }, 23850 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23851 }, 23852 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23853 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23854 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23855 "intVal": 42, # The int value. 23856 "strVal": "A String", # The string value. 23857 "type": 42, # The type of the value. 23858 }, 23859 }, 23860 }, 23861 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23862 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23863 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23864 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23865 }, 23866 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 23867 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 23868 { # ContainerPort represents a network port in a single container. 23869 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 23870 "hostIP": "A String", # What host IP to bind the external port to. +optional 23871 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 23872 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 23873 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 23874 }, 23875 ], 23876 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23877 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 23878 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 23879 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 23880 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 23881 "A String", 23882 ], 23883 }, 23884 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 23885 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 23886 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 23887 { # HTTPHeader describes a custom header to be used in HTTP probes 23888 "name": "A String", # The header field name 23889 "value": "A String", # The header field value 23890 }, 23891 ], 23892 "path": "A String", # Path to access on the HTTP server. +optional 23893 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23894 "intVal": 42, # The int value. 23895 "strVal": "A String", # The string value. 23896 "type": 42, # The type of the value. 23897 }, 23898 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 23899 }, 23900 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 23901 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 23902 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 23903 "intVal": 42, # The int value. 23904 "strVal": "A String", # The string value. 23905 "type": 42, # The type of the value. 23906 }, 23907 }, 23908 }, 23909 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23910 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 23911 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 23912 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 23913 }, 23914 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 23915 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23916 "a_key": "A String", 23917 }, 23918 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 23919 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23920 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23921 }, 23922 }, 23923 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 23924 "a_key": "A String", 23925 }, 23926 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 23927 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 23928 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 23929 }, 23930 }, 23931 }, 23932 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 23933 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 23934 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 23935 "add": [ # Added capabilities +optional 23936 "A String", 23937 ], 23938 "drop": [ # Removed capabilities +optional 23939 "A String", 23940 ], 23941 }, 23942 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 23943 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 23944 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23945 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23946 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23947 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 23948 "level": "A String", # Level is SELinux level label that applies to the container. +optional 23949 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 23950 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 23951 "user": "A String", # User is a SELinux user label that applies to the container. +optional 23952 }, 23953 }, 23954 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 23955 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 23956 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 23957 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 23958 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 23959 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 23960 { # volumeDevice describes a mapping of a raw block device within a container. 23961 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 23962 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 23963 }, 23964 ], 23965 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 23966 { # VolumeMount describes a mounting of a Volume within a container. 23967 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 23968 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 23969 "name": "A String", # This must match the Name of a Volume. 23970 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 23971 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 23972 }, 23973 ], 23974 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 23975 }, 23976 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 23977 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 23978 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 23979 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23980 "A String", 23981 ], 23982 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 23983 "A String", 23984 ], 23985 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 23986 { # EnvVar represents an environment variable present in a Container. 23987 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 23988 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 23989 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 23990 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 23991 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 23992 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 23993 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 23994 }, 23995 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 23996 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 23997 }, 23998 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 23999 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24000 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24001 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24002 }, 24003 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24004 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24005 }, 24006 }, 24007 }, 24008 ], 24009 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24010 { # EnvFromSource represents the source of a set of ConfigMaps 24011 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24012 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24013 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24014 }, 24015 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24016 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24017 }, 24018 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24019 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24020 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24021 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24022 }, 24023 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24024 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24025 }, 24026 }, 24027 ], 24028 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24029 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24030 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24031 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24032 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24033 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24034 "A String", 24035 ], 24036 }, 24037 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24038 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24039 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24040 { # HTTPHeader describes a custom header to be used in HTTP probes 24041 "name": "A String", # The header field name 24042 "value": "A String", # The header field value 24043 }, 24044 ], 24045 "path": "A String", # Path to access on the HTTP server. +optional 24046 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24047 "intVal": 42, # The int value. 24048 "strVal": "A String", # The string value. 24049 "type": 42, # The type of the value. 24050 }, 24051 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24052 }, 24053 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24054 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24055 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24056 "intVal": 42, # The int value. 24057 "strVal": "A String", # The string value. 24058 "type": 42, # The type of the value. 24059 }, 24060 }, 24061 }, 24062 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24063 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24064 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24065 "A String", 24066 ], 24067 }, 24068 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24069 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24070 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24071 { # HTTPHeader describes a custom header to be used in HTTP probes 24072 "name": "A String", # The header field name 24073 "value": "A String", # The header field value 24074 }, 24075 ], 24076 "path": "A String", # Path to access on the HTTP server. +optional 24077 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24078 "intVal": 42, # The int value. 24079 "strVal": "A String", # The string value. 24080 "type": 42, # The type of the value. 24081 }, 24082 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24083 }, 24084 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24085 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24086 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24087 "intVal": 42, # The int value. 24088 "strVal": "A String", # The string value. 24089 "type": 42, # The type of the value. 24090 }, 24091 }, 24092 }, 24093 }, 24094 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24095 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24096 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24097 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24098 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24099 "A String", 24100 ], 24101 }, 24102 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24103 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24104 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24105 { # HTTPHeader describes a custom header to be used in HTTP probes 24106 "name": "A String", # The header field name 24107 "value": "A String", # The header field value 24108 }, 24109 ], 24110 "path": "A String", # Path to access on the HTTP server. +optional 24111 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24112 "intVal": 42, # The int value. 24113 "strVal": "A String", # The string value. 24114 "type": 42, # The type of the value. 24115 }, 24116 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24117 }, 24118 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24119 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24120 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24121 "intVal": 42, # The int value. 24122 "strVal": "A String", # The string value. 24123 "type": 42, # The type of the value. 24124 }, 24125 }, 24126 }, 24127 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24128 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24129 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24130 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24131 }, 24132 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 24133 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 24134 { # ContainerPort represents a network port in a single container. 24135 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 24136 "hostIP": "A String", # What host IP to bind the external port to. +optional 24137 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 24138 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 24139 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 24140 }, 24141 ], 24142 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24143 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24144 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24145 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24146 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24147 "A String", 24148 ], 24149 }, 24150 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24151 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24152 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24153 { # HTTPHeader describes a custom header to be used in HTTP probes 24154 "name": "A String", # The header field name 24155 "value": "A String", # The header field value 24156 }, 24157 ], 24158 "path": "A String", # Path to access on the HTTP server. +optional 24159 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24160 "intVal": 42, # The int value. 24161 "strVal": "A String", # The string value. 24162 "type": 42, # The type of the value. 24163 }, 24164 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24165 }, 24166 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24167 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24168 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24169 "intVal": 42, # The int value. 24170 "strVal": "A String", # The string value. 24171 "type": 42, # The type of the value. 24172 }, 24173 }, 24174 }, 24175 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24176 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24177 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24178 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24179 }, 24180 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 24181 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24182 "a_key": "A String", 24183 }, 24184 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 24185 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24186 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24187 }, 24188 }, 24189 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24190 "a_key": "A String", 24191 }, 24192 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 24193 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24194 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24195 }, 24196 }, 24197 }, 24198 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 24199 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 24200 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 24201 "add": [ # Added capabilities +optional 24202 "A String", 24203 ], 24204 "drop": [ # Removed capabilities +optional 24205 "A String", 24206 ], 24207 }, 24208 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 24209 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 24210 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24211 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24212 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24213 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24214 "level": "A String", # Level is SELinux level label that applies to the container. +optional 24215 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 24216 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 24217 "user": "A String", # User is a SELinux user label that applies to the container. +optional 24218 }, 24219 }, 24220 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 24221 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 24222 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 24223 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 24224 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 24225 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 24226 { # volumeDevice describes a mapping of a raw block device within a container. 24227 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 24228 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 24229 }, 24230 ], 24231 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 24232 { # VolumeMount describes a mounting of a Volume within a container. 24233 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 24234 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 24235 "name": "A String", # This must match the Name of a Volume. 24236 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 24237 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 24238 }, 24239 ], 24240 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 24241 }, 24242 ], 24243 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 24244 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 24245 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 24246 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 24247 "volumes": [ 24248 { # Volume represents a named volume in a container. 24249 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 24250 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24251 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24252 { # Maps a string key to a path within a volume. 24253 "key": "A String", # The key to project. 24254 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24255 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24256 }, 24257 ], 24258 "name": "A String", # Name of the config. 24259 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24260 }, 24261 "name": "A String", # Volume's name. 24262 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 24263 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24264 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24265 { # Maps a string key to a path within a volume. 24266 "key": "A String", # The key to project. 24267 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24268 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24269 }, 24270 ], 24271 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24272 "secretName": "A String", # Name of the secret in the container's namespace to use. 24273 }, 24274 }, 24275 ], 24276 }, 24277 }, 24278 }, 24279 "revisions": [ # Revisions is an ordered list of 1 or 2 revisions. The first is the current revision, and the second is the candidate revision. If a single revision is provided, traffic will be pinned at that revision. "@latest" is a shortcut for usage that refers to the latest created revision by the configuration. 24280 "A String", 24281 ], 24282 "rolloutPercent": 42, # RolloutPercent is the percent of traffic that should be sent to the candidate revision, i.e. the 2nd revision in the revisions list. Valid values are between 0 and 99 inclusive. 24283 }, 24284 "runLatest": { # ServiceSpecRunLatest contains the options for always having a route to the latest configuration. See ServiceSpec for more details. # RunLatest defines a simple Service. It will automatically configure a route that keeps the latest ready revision from the supplied configuration running. +optional 24285 "configuration": { # ConfigurationSpec holds the desired state of the Configuration (from the client). # The configuration for this service. 24286 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 24287 "revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # RevisionTemplate holds the latest specification for the Revision to be stamped out. The template references the container image, and may also include labels and annotations that should be attached to the Revision. To correlate a Revision, and/or to force a Revision to be created when the spec doesn't otherwise change, a nonce label may be provided in the template metadata. For more details, see: https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions Cloud Run does not currently support referencing a build that is responsible for materializing the container image from source. 24288 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 24289 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 24290 "a_key": "A String", 24291 }, 24292 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 24293 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24294 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 24295 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24296 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 24297 "A String", 24298 ], 24299 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 24300 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 24301 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 24302 "a_key": "A String", 24303 }, 24304 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 24305 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 24306 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 24307 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 24308 "apiVersion": "A String", # API version of the referent. 24309 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 24310 "controller": True or False, # If true, this reference points to the managing controller. +optional 24311 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 24312 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 24313 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 24314 }, 24315 ], 24316 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 24317 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 24318 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 24319 }, 24320 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 24321 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 24322 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 24323 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24324 "A String", 24325 ], 24326 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24327 "A String", 24328 ], 24329 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 24330 { # EnvVar represents an environment variable present in a Container. 24331 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 24332 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 24333 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 24334 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 24335 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 24336 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24337 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24338 }, 24339 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 24340 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 24341 }, 24342 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 24343 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24344 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24345 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24346 }, 24347 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24348 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24349 }, 24350 }, 24351 }, 24352 ], 24353 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24354 { # EnvFromSource represents the source of a set of ConfigMaps 24355 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24356 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24357 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24358 }, 24359 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24360 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24361 }, 24362 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24363 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24364 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24365 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24366 }, 24367 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24368 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24369 }, 24370 }, 24371 ], 24372 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24373 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24374 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24375 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24376 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24377 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24378 "A String", 24379 ], 24380 }, 24381 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24382 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24383 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24384 { # HTTPHeader describes a custom header to be used in HTTP probes 24385 "name": "A String", # The header field name 24386 "value": "A String", # The header field value 24387 }, 24388 ], 24389 "path": "A String", # Path to access on the HTTP server. +optional 24390 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24391 "intVal": 42, # The int value. 24392 "strVal": "A String", # The string value. 24393 "type": 42, # The type of the value. 24394 }, 24395 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24396 }, 24397 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24398 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24399 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24400 "intVal": 42, # The int value. 24401 "strVal": "A String", # The string value. 24402 "type": 42, # The type of the value. 24403 }, 24404 }, 24405 }, 24406 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24407 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24408 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24409 "A String", 24410 ], 24411 }, 24412 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24413 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24414 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24415 { # HTTPHeader describes a custom header to be used in HTTP probes 24416 "name": "A String", # The header field name 24417 "value": "A String", # The header field value 24418 }, 24419 ], 24420 "path": "A String", # Path to access on the HTTP server. +optional 24421 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24422 "intVal": 42, # The int value. 24423 "strVal": "A String", # The string value. 24424 "type": 42, # The type of the value. 24425 }, 24426 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24427 }, 24428 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24429 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24430 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24431 "intVal": 42, # The int value. 24432 "strVal": "A String", # The string value. 24433 "type": 42, # The type of the value. 24434 }, 24435 }, 24436 }, 24437 }, 24438 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24439 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24440 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24441 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24442 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24443 "A String", 24444 ], 24445 }, 24446 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24447 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24448 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24449 { # HTTPHeader describes a custom header to be used in HTTP probes 24450 "name": "A String", # The header field name 24451 "value": "A String", # The header field value 24452 }, 24453 ], 24454 "path": "A String", # Path to access on the HTTP server. +optional 24455 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24456 "intVal": 42, # The int value. 24457 "strVal": "A String", # The string value. 24458 "type": 42, # The type of the value. 24459 }, 24460 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24461 }, 24462 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24463 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24464 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24465 "intVal": 42, # The int value. 24466 "strVal": "A String", # The string value. 24467 "type": 42, # The type of the value. 24468 }, 24469 }, 24470 }, 24471 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24472 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24473 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24474 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24475 }, 24476 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 24477 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 24478 { # ContainerPort represents a network port in a single container. 24479 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 24480 "hostIP": "A String", # What host IP to bind the external port to. +optional 24481 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 24482 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 24483 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 24484 }, 24485 ], 24486 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24487 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24488 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24489 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24490 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24491 "A String", 24492 ], 24493 }, 24494 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24495 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24496 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24497 { # HTTPHeader describes a custom header to be used in HTTP probes 24498 "name": "A String", # The header field name 24499 "value": "A String", # The header field value 24500 }, 24501 ], 24502 "path": "A String", # Path to access on the HTTP server. +optional 24503 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24504 "intVal": 42, # The int value. 24505 "strVal": "A String", # The string value. 24506 "type": 42, # The type of the value. 24507 }, 24508 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24509 }, 24510 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24511 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24512 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24513 "intVal": 42, # The int value. 24514 "strVal": "A String", # The string value. 24515 "type": 42, # The type of the value. 24516 }, 24517 }, 24518 }, 24519 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24520 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24521 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24522 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24523 }, 24524 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 24525 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24526 "a_key": "A String", 24527 }, 24528 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 24529 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24530 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24531 }, 24532 }, 24533 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24534 "a_key": "A String", 24535 }, 24536 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 24537 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24538 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24539 }, 24540 }, 24541 }, 24542 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 24543 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 24544 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 24545 "add": [ # Added capabilities +optional 24546 "A String", 24547 ], 24548 "drop": [ # Removed capabilities +optional 24549 "A String", 24550 ], 24551 }, 24552 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 24553 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 24554 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24555 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24556 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24557 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24558 "level": "A String", # Level is SELinux level label that applies to the container. +optional 24559 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 24560 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 24561 "user": "A String", # User is a SELinux user label that applies to the container. +optional 24562 }, 24563 }, 24564 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 24565 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 24566 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 24567 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 24568 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 24569 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 24570 { # volumeDevice describes a mapping of a raw block device within a container. 24571 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 24572 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 24573 }, 24574 ], 24575 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 24576 { # VolumeMount describes a mounting of a Volume within a container. 24577 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 24578 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 24579 "name": "A String", # This must match the Name of a Volume. 24580 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 24581 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 24582 }, 24583 ], 24584 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 24585 }, 24586 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 24587 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 24588 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 24589 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24590 "A String", 24591 ], 24592 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24593 "A String", 24594 ], 24595 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 24596 { # EnvVar represents an environment variable present in a Container. 24597 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 24598 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 24599 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 24600 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 24601 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 24602 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24603 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24604 }, 24605 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 24606 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 24607 }, 24608 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 24609 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24610 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24611 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24612 }, 24613 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24614 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24615 }, 24616 }, 24617 }, 24618 ], 24619 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24620 { # EnvFromSource represents the source of a set of ConfigMaps 24621 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24622 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24623 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24624 }, 24625 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24626 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24627 }, 24628 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24629 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24630 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24631 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24632 }, 24633 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24634 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24635 }, 24636 }, 24637 ], 24638 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24639 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24640 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24641 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24642 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24643 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24644 "A String", 24645 ], 24646 }, 24647 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24648 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24649 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24650 { # HTTPHeader describes a custom header to be used in HTTP probes 24651 "name": "A String", # The header field name 24652 "value": "A String", # The header field value 24653 }, 24654 ], 24655 "path": "A String", # Path to access on the HTTP server. +optional 24656 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24657 "intVal": 42, # The int value. 24658 "strVal": "A String", # The string value. 24659 "type": 42, # The type of the value. 24660 }, 24661 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24662 }, 24663 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24664 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24665 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24666 "intVal": 42, # The int value. 24667 "strVal": "A String", # The string value. 24668 "type": 42, # The type of the value. 24669 }, 24670 }, 24671 }, 24672 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24673 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24674 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24675 "A String", 24676 ], 24677 }, 24678 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24679 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24680 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24681 { # HTTPHeader describes a custom header to be used in HTTP probes 24682 "name": "A String", # The header field name 24683 "value": "A String", # The header field value 24684 }, 24685 ], 24686 "path": "A String", # Path to access on the HTTP server. +optional 24687 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24688 "intVal": 42, # The int value. 24689 "strVal": "A String", # The string value. 24690 "type": 42, # The type of the value. 24691 }, 24692 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24693 }, 24694 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24695 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24696 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24697 "intVal": 42, # The int value. 24698 "strVal": "A String", # The string value. 24699 "type": 42, # The type of the value. 24700 }, 24701 }, 24702 }, 24703 }, 24704 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24705 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24706 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24707 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24708 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24709 "A String", 24710 ], 24711 }, 24712 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24713 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24714 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24715 { # HTTPHeader describes a custom header to be used in HTTP probes 24716 "name": "A String", # The header field name 24717 "value": "A String", # The header field value 24718 }, 24719 ], 24720 "path": "A String", # Path to access on the HTTP server. +optional 24721 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24722 "intVal": 42, # The int value. 24723 "strVal": "A String", # The string value. 24724 "type": 42, # The type of the value. 24725 }, 24726 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24727 }, 24728 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24729 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24730 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24731 "intVal": 42, # The int value. 24732 "strVal": "A String", # The string value. 24733 "type": 42, # The type of the value. 24734 }, 24735 }, 24736 }, 24737 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24738 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24739 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24740 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24741 }, 24742 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 24743 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 24744 { # ContainerPort represents a network port in a single container. 24745 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 24746 "hostIP": "A String", # What host IP to bind the external port to. +optional 24747 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 24748 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 24749 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 24750 }, 24751 ], 24752 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24753 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 24754 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 24755 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24756 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24757 "A String", 24758 ], 24759 }, 24760 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24761 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24762 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24763 { # HTTPHeader describes a custom header to be used in HTTP probes 24764 "name": "A String", # The header field name 24765 "value": "A String", # The header field value 24766 }, 24767 ], 24768 "path": "A String", # Path to access on the HTTP server. +optional 24769 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24770 "intVal": 42, # The int value. 24771 "strVal": "A String", # The string value. 24772 "type": 42, # The type of the value. 24773 }, 24774 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24775 }, 24776 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24777 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 24778 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24779 "intVal": 42, # The int value. 24780 "strVal": "A String", # The string value. 24781 "type": 42, # The type of the value. 24782 }, 24783 }, 24784 }, 24785 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24786 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 24787 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 24788 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 24789 }, 24790 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 24791 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24792 "a_key": "A String", 24793 }, 24794 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 24795 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24796 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24797 }, 24798 }, 24799 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 24800 "a_key": "A String", 24801 }, 24802 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 24803 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 24804 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 24805 }, 24806 }, 24807 }, 24808 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 24809 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 24810 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 24811 "add": [ # Added capabilities +optional 24812 "A String", 24813 ], 24814 "drop": [ # Removed capabilities +optional 24815 "A String", 24816 ], 24817 }, 24818 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 24819 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 24820 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24821 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24822 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24823 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 24824 "level": "A String", # Level is SELinux level label that applies to the container. +optional 24825 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 24826 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 24827 "user": "A String", # User is a SELinux user label that applies to the container. +optional 24828 }, 24829 }, 24830 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 24831 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 24832 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 24833 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 24834 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 24835 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 24836 { # volumeDevice describes a mapping of a raw block device within a container. 24837 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 24838 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 24839 }, 24840 ], 24841 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 24842 { # VolumeMount describes a mounting of a Volume within a container. 24843 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 24844 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 24845 "name": "A String", # This must match the Name of a Volume. 24846 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 24847 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 24848 }, 24849 ], 24850 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 24851 }, 24852 ], 24853 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 24854 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 24855 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 24856 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 24857 "volumes": [ 24858 { # Volume represents a named volume in a container. 24859 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 24860 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24861 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24862 { # Maps a string key to a path within a volume. 24863 "key": "A String", # The key to project. 24864 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24865 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24866 }, 24867 ], 24868 "name": "A String", # Name of the config. 24869 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24870 }, 24871 "name": "A String", # Volume's name. 24872 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 24873 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 24874 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 24875 { # Maps a string key to a path within a volume. 24876 "key": "A String", # The key to project. 24877 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 24878 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 24879 }, 24880 ], 24881 "optional": True or False, # Specify whether the Secret or its keys must be defined. 24882 "secretName": "A String", # Name of the secret in the container's namespace to use. 24883 }, 24884 }, 24885 ], 24886 }, 24887 }, 24888 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 24889 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 24890 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 24891 "a_key": "A String", 24892 }, 24893 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 24894 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24895 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 24896 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 24897 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 24898 "A String", 24899 ], 24900 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 24901 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 24902 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 24903 "a_key": "A String", 24904 }, 24905 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 24906 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 24907 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 24908 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 24909 "apiVersion": "A String", # API version of the referent. 24910 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 24911 "controller": True or False, # If true, this reference points to the managing controller. +optional 24912 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 24913 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 24914 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 24915 }, 24916 ], 24917 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 24918 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 24919 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 24920 }, 24921 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 24922 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 24923 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 24924 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24925 "A String", 24926 ], 24927 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 24928 "A String", 24929 ], 24930 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 24931 { # EnvVar represents an environment variable present in a Container. 24932 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 24933 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 24934 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 24935 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 24936 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 24937 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24938 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24939 }, 24940 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 24941 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 24942 }, 24943 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 24944 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 24945 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24946 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24947 }, 24948 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 24949 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 24950 }, 24951 }, 24952 }, 24953 ], 24954 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 24955 { # EnvFromSource represents the source of a set of ConfigMaps 24956 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 24957 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24958 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24959 }, 24960 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 24961 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 24962 }, 24963 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 24964 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 24965 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 24966 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 24967 }, 24968 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 24969 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 24970 }, 24971 }, 24972 ], 24973 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 24974 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 24975 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 24976 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 24977 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 24978 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 24979 "A String", 24980 ], 24981 }, 24982 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 24983 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 24984 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 24985 { # HTTPHeader describes a custom header to be used in HTTP probes 24986 "name": "A String", # The header field name 24987 "value": "A String", # The header field value 24988 }, 24989 ], 24990 "path": "A String", # Path to access on the HTTP server. +optional 24991 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 24992 "intVal": 42, # The int value. 24993 "strVal": "A String", # The string value. 24994 "type": 42, # The type of the value. 24995 }, 24996 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 24997 }, 24998 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 24999 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25000 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25001 "intVal": 42, # The int value. 25002 "strVal": "A String", # The string value. 25003 "type": 42, # The type of the value. 25004 }, 25005 }, 25006 }, 25007 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25008 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25009 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25010 "A String", 25011 ], 25012 }, 25013 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25014 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25015 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25016 { # HTTPHeader describes a custom header to be used in HTTP probes 25017 "name": "A String", # The header field name 25018 "value": "A String", # The header field value 25019 }, 25020 ], 25021 "path": "A String", # Path to access on the HTTP server. +optional 25022 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25023 "intVal": 42, # The int value. 25024 "strVal": "A String", # The string value. 25025 "type": 42, # The type of the value. 25026 }, 25027 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25028 }, 25029 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25030 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25031 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25032 "intVal": 42, # The int value. 25033 "strVal": "A String", # The string value. 25034 "type": 42, # The type of the value. 25035 }, 25036 }, 25037 }, 25038 }, 25039 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25040 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25041 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25042 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25043 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25044 "A String", 25045 ], 25046 }, 25047 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25048 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25049 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25050 { # HTTPHeader describes a custom header to be used in HTTP probes 25051 "name": "A String", # The header field name 25052 "value": "A String", # The header field value 25053 }, 25054 ], 25055 "path": "A String", # Path to access on the HTTP server. +optional 25056 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25057 "intVal": 42, # The int value. 25058 "strVal": "A String", # The string value. 25059 "type": 42, # The type of the value. 25060 }, 25061 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25062 }, 25063 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25064 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25065 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25066 "intVal": 42, # The int value. 25067 "strVal": "A String", # The string value. 25068 "type": 42, # The type of the value. 25069 }, 25070 }, 25071 }, 25072 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25073 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25074 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25075 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25076 }, 25077 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25078 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25079 { # ContainerPort represents a network port in a single container. 25080 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25081 "hostIP": "A String", # What host IP to bind the external port to. +optional 25082 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25083 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25084 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25085 }, 25086 ], 25087 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25088 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25089 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25090 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25091 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25092 "A String", 25093 ], 25094 }, 25095 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25096 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25097 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25098 { # HTTPHeader describes a custom header to be used in HTTP probes 25099 "name": "A String", # The header field name 25100 "value": "A String", # The header field value 25101 }, 25102 ], 25103 "path": "A String", # Path to access on the HTTP server. +optional 25104 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25105 "intVal": 42, # The int value. 25106 "strVal": "A String", # The string value. 25107 "type": 42, # The type of the value. 25108 }, 25109 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25110 }, 25111 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25112 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25113 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25114 "intVal": 42, # The int value. 25115 "strVal": "A String", # The string value. 25116 "type": 42, # The type of the value. 25117 }, 25118 }, 25119 }, 25120 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25121 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25122 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25123 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25124 }, 25125 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25126 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25127 "a_key": "A String", 25128 }, 25129 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25130 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25131 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25132 }, 25133 }, 25134 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25135 "a_key": "A String", 25136 }, 25137 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25138 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25139 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25140 }, 25141 }, 25142 }, 25143 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25144 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25145 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25146 "add": [ # Added capabilities +optional 25147 "A String", 25148 ], 25149 "drop": [ # Removed capabilities +optional 25150 "A String", 25151 ], 25152 }, 25153 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25154 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25155 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25156 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25157 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25158 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25159 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25160 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25161 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25162 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25163 }, 25164 }, 25165 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25166 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25167 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25168 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25169 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25170 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25171 { # volumeDevice describes a mapping of a raw block device within a container. 25172 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25173 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25174 }, 25175 ], 25176 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25177 { # VolumeMount describes a mounting of a Volume within a container. 25178 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25179 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25180 "name": "A String", # This must match the Name of a Volume. 25181 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25182 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25183 }, 25184 ], 25185 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25186 }, 25187 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 25188 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 25189 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 25190 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25191 "A String", 25192 ], 25193 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25194 "A String", 25195 ], 25196 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 25197 { # EnvVar represents an environment variable present in a Container. 25198 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 25199 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 25200 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 25201 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 25202 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 25203 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25204 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25205 }, 25206 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 25207 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 25208 }, 25209 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 25210 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 25211 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25212 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25213 }, 25214 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 25215 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 25216 }, 25217 }, 25218 }, 25219 ], 25220 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 25221 { # EnvFromSource represents the source of a set of ConfigMaps 25222 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 25223 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25224 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25225 }, 25226 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 25227 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 25228 }, 25229 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 25230 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 25231 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25232 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25233 }, 25234 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 25235 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 25236 }, 25237 }, 25238 ], 25239 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 25240 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 25241 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 25242 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25243 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25244 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25245 "A String", 25246 ], 25247 }, 25248 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25249 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25250 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25251 { # HTTPHeader describes a custom header to be used in HTTP probes 25252 "name": "A String", # The header field name 25253 "value": "A String", # The header field value 25254 }, 25255 ], 25256 "path": "A String", # Path to access on the HTTP server. +optional 25257 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25258 "intVal": 42, # The int value. 25259 "strVal": "A String", # The string value. 25260 "type": 42, # The type of the value. 25261 }, 25262 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25263 }, 25264 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25265 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25266 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25267 "intVal": 42, # The int value. 25268 "strVal": "A String", # The string value. 25269 "type": 42, # The type of the value. 25270 }, 25271 }, 25272 }, 25273 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25274 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25275 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25276 "A String", 25277 ], 25278 }, 25279 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25280 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25281 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25282 { # HTTPHeader describes a custom header to be used in HTTP probes 25283 "name": "A String", # The header field name 25284 "value": "A String", # The header field value 25285 }, 25286 ], 25287 "path": "A String", # Path to access on the HTTP server. +optional 25288 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25289 "intVal": 42, # The int value. 25290 "strVal": "A String", # The string value. 25291 "type": 42, # The type of the value. 25292 }, 25293 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25294 }, 25295 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25296 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25297 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25298 "intVal": 42, # The int value. 25299 "strVal": "A String", # The string value. 25300 "type": 42, # The type of the value. 25301 }, 25302 }, 25303 }, 25304 }, 25305 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25306 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25307 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25308 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25309 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25310 "A String", 25311 ], 25312 }, 25313 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25314 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25315 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25316 { # HTTPHeader describes a custom header to be used in HTTP probes 25317 "name": "A String", # The header field name 25318 "value": "A String", # The header field value 25319 }, 25320 ], 25321 "path": "A String", # Path to access on the HTTP server. +optional 25322 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25323 "intVal": 42, # The int value. 25324 "strVal": "A String", # The string value. 25325 "type": 42, # The type of the value. 25326 }, 25327 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25328 }, 25329 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25330 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25331 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25332 "intVal": 42, # The int value. 25333 "strVal": "A String", # The string value. 25334 "type": 42, # The type of the value. 25335 }, 25336 }, 25337 }, 25338 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25339 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25340 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25341 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25342 }, 25343 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25344 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25345 { # ContainerPort represents a network port in a single container. 25346 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25347 "hostIP": "A String", # What host IP to bind the external port to. +optional 25348 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25349 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25350 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25351 }, 25352 ], 25353 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25354 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25355 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25356 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25357 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25358 "A String", 25359 ], 25360 }, 25361 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25362 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25363 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25364 { # HTTPHeader describes a custom header to be used in HTTP probes 25365 "name": "A String", # The header field name 25366 "value": "A String", # The header field value 25367 }, 25368 ], 25369 "path": "A String", # Path to access on the HTTP server. +optional 25370 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25371 "intVal": 42, # The int value. 25372 "strVal": "A String", # The string value. 25373 "type": 42, # The type of the value. 25374 }, 25375 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25376 }, 25377 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25378 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25379 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25380 "intVal": 42, # The int value. 25381 "strVal": "A String", # The string value. 25382 "type": 42, # The type of the value. 25383 }, 25384 }, 25385 }, 25386 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25387 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25388 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25389 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25390 }, 25391 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25392 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25393 "a_key": "A String", 25394 }, 25395 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25396 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25397 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25398 }, 25399 }, 25400 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25401 "a_key": "A String", 25402 }, 25403 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25404 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25405 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25406 }, 25407 }, 25408 }, 25409 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25410 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25411 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25412 "add": [ # Added capabilities +optional 25413 "A String", 25414 ], 25415 "drop": [ # Removed capabilities +optional 25416 "A String", 25417 ], 25418 }, 25419 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25420 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25421 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25422 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25423 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25424 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25425 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25426 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25427 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25428 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25429 }, 25430 }, 25431 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25432 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25433 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25434 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25435 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25436 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25437 { # volumeDevice describes a mapping of a raw block device within a container. 25438 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25439 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25440 }, 25441 ], 25442 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25443 { # VolumeMount describes a mounting of a Volume within a container. 25444 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25445 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25446 "name": "A String", # This must match the Name of a Volume. 25447 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25448 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25449 }, 25450 ], 25451 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25452 }, 25453 ], 25454 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 25455 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 25456 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 25457 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 25458 "volumes": [ 25459 { # Volume represents a named volume in a container. 25460 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 25461 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 25462 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 25463 { # Maps a string key to a path within a volume. 25464 "key": "A String", # The key to project. 25465 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 25466 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 25467 }, 25468 ], 25469 "name": "A String", # Name of the config. 25470 "optional": True or False, # Specify whether the Secret or its keys must be defined. 25471 }, 25472 "name": "A String", # Volume's name. 25473 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 25474 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 25475 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 25476 { # Maps a string key to a path within a volume. 25477 "key": "A String", # The key to project. 25478 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 25479 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 25480 }, 25481 ], 25482 "optional": True or False, # Specify whether the Secret or its keys must be defined. 25483 "secretName": "A String", # Name of the secret in the container's namespace to use. 25484 }, 25485 }, 25486 ], 25487 }, 25488 }, 25489 }, 25490 }, 25491 "template": { # RevisionTemplateSpec describes the data a revision should have when created from a template. Based on: https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190 # Template holds the latest specification for the Revision to be stamped out. 25492 "metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create. # Optional metadata for this Revision, including labels and annotations. Name will be generated by the Configuration. To set minimum instances for this revision, use the "autoscaling.knative.dev/minScale" annotation key. (Cloud Run on GKE only). To set maximum instances for this revision, use the "autoscaling.knative.dev/maxScale" annotation key. To set Cloud SQL connections for the revision, use the "run.googleapis.com/cloudsql-instances" annotation key. Values should be comma separated. 25493 "annotations": { # Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations +optional 25494 "a_key": "A String", 25495 }, 25496 "clusterName": "A String", # Not currently supported by Cloud Run. The name of the cluster which the object belongs to. This is used to distinguish resources with same name and namespace in different clusters. This field is not set anywhere right now and apiserver is going to ignore it if set in create or update request. +optional 25497 "creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this object was created. It is not guaranteed to be set in happens-before order across separate operations. Clients may not set this value. It is represented in RFC3339 form and is in UTC. Populated by the system. Read-only. Null for lists. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 25498 "deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run. Number of seconds allowed for this object to gracefully terminate before it will be removed from the system. Only set when deletionTimestamp is also set. May only be shortened. Read-only. +optional 25499 "deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be deleted. This field is set by the server when a graceful deletion is requested by the user, and is not directly settable by a client. The resource is expected to be deleted (no longer visible from resource lists, and not reachable by name) after the time in this field, once the finalizers list is empty. As long as the finalizers list contains items, deletion is blocked. Once the deletionTimestamp is set, this value may not be unset or be set further into the future, although it may be shortened or the resource may be deleted prior to this time. For example, a user may request that a pod is deleted in 30 seconds. The Kubelet will react by sending a graceful termination signal to the containers in the pod. After that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL) to the container and after cleanup, remove the pod from the API. In the presence of network partitions, this object may still exist after this timestamp, until an administrator or automated process can determine the resource is fully terminated. If not set, graceful deletion of the object has not been requested. Populated by the system when a graceful deletion is requested. Read-only. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata +optional 25500 "finalizers": [ # Not currently supported by Cloud Run. Must be empty before the object is deleted from the registry. Each entry is an identifier for the responsible component that will remove the entry from the list. If the deletionTimestamp of the object is non-nil, entries in this list can only be removed. +optional +patchStrategy=merge 25501 "A String", 25502 ], 25503 "generateName": "A String", # Not currently supported by Cloud Run. GenerateName is an optional prefix, used by the server, to generate a unique name ONLY IF the Name field has not been provided. If this field is used, the name returned to the client will be different than the name passed. This value will also be combined with a unique suffix. The provided value has the same validation rules as the Name field, and may be truncated by the length of the suffix required to make the value unique on the server. If this field is specified and the generated name exists, the server will NOT return a 409 - instead, it will either return 201 Created or 500 with Reason ServerTimeout indicating a unique name could not be found in the time allotted, and the client should retry (optionally after the time indicated in the Retry-After header). Applied only if Name is not specified. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency +optional string generateName = 2; 25504 "generation": 42, # A sequence number representing a specific generation of the desired state. Populated by the system. Read-only. +optional 25505 "labels": { # Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and routes. More info: http://kubernetes.io/docs/user-guide/labels +optional 25506 "a_key": "A String", 25507 }, 25508 "name": "A String", # Name must be unique within a namespace, within a Cloud Run region. Is required when creating resources, although some resources may allow a client to request the generation of an appropriate name automatically. Name is primarily intended for creation idempotence and configuration definition. Cannot be updated. More info: http://kubernetes.io/docs/user-guide/identifiers#names +optional 25509 "namespace": "A String", # Namespace defines the space within each name must be unique, within a Cloud Run region. In Cloud Run the namespace must be equal to either the project ID or project number. 25510 "ownerReferences": [ # List of objects that own this object. If ALL objects in the list have been deleted, this object will be garbage collected. +optional 25511 { # OwnerReference contains enough information to let you identify an owning object. Currently, an owning object must be in the same namespace, so there is no namespace field. 25512 "apiVersion": "A String", # API version of the referent. 25513 "blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then the owner cannot be deleted from the key-value store until this reference is removed. Defaults to false. To set this field, a user needs "delete" permission of the owner, otherwise 422 (Unprocessable Entity) will be returned. +optional 25514 "controller": True or False, # If true, this reference points to the managing controller. +optional 25515 "kind": "A String", # Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds 25516 "name": "A String", # Name of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#names 25517 "uid": "A String", # UID of the referent. More info: http://kubernetes.io/docs/user-guide/identifiers#uids 25518 }, 25519 ], 25520 "resourceVersion": "A String", # An opaque value that represents the internal version of this object that can be used by clients to determine when objects have changed. May be used for optimistic concurrency, change detection, and the watch operation on a resource or set of resources. Clients must treat these values as opaque and passed unmodified back to the server. They may only be valid for a particular resource or set of resources. Populated by the system. Read-only. Value must be treated as opaque by clients and . More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency +optional 25521 "selfLink": "A String", # SelfLink is a URL representing this object. Populated by the system. Read-only. +optional string selfLink = 4; 25522 "uid": "A String", # UID is the unique in time and space value for this object. It is typically generated by the server on successful creation of a resource and is not allowed to change on PUT operations. Populated by the system. Read-only. More info: http://kubernetes.io/docs/user-guide/identifiers#uids +optional 25523 }, 25524 "spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client). 25525 "concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model (Single or Multi) for the Revision. Defaults to Multi. Deprecated in favor of ContainerConcurrency. +optional 25526 "container": { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. # Container defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of the fields of this Container, including: name, ports, and volumeMounts. The runtime contract is documented here: https://github.com/knative/serving/blob/master/docs/runtime-contract.md 25527 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25528 "A String", 25529 ], 25530 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25531 "A String", 25532 ], 25533 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 25534 { # EnvVar represents an environment variable present in a Container. 25535 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 25536 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 25537 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 25538 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 25539 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 25540 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25541 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25542 }, 25543 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 25544 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 25545 }, 25546 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 25547 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 25548 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25549 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25550 }, 25551 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 25552 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 25553 }, 25554 }, 25555 }, 25556 ], 25557 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 25558 { # EnvFromSource represents the source of a set of ConfigMaps 25559 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 25560 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25561 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25562 }, 25563 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 25564 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 25565 }, 25566 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 25567 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 25568 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25569 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25570 }, 25571 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 25572 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 25573 }, 25574 }, 25575 ], 25576 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 25577 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 25578 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 25579 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25580 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25581 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25582 "A String", 25583 ], 25584 }, 25585 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25586 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25587 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25588 { # HTTPHeader describes a custom header to be used in HTTP probes 25589 "name": "A String", # The header field name 25590 "value": "A String", # The header field value 25591 }, 25592 ], 25593 "path": "A String", # Path to access on the HTTP server. +optional 25594 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25595 "intVal": 42, # The int value. 25596 "strVal": "A String", # The string value. 25597 "type": 42, # The type of the value. 25598 }, 25599 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25600 }, 25601 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25602 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25603 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25604 "intVal": 42, # The int value. 25605 "strVal": "A String", # The string value. 25606 "type": 42, # The type of the value. 25607 }, 25608 }, 25609 }, 25610 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25611 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25612 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25613 "A String", 25614 ], 25615 }, 25616 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25617 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25618 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25619 { # HTTPHeader describes a custom header to be used in HTTP probes 25620 "name": "A String", # The header field name 25621 "value": "A String", # The header field value 25622 }, 25623 ], 25624 "path": "A String", # Path to access on the HTTP server. +optional 25625 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25626 "intVal": 42, # The int value. 25627 "strVal": "A String", # The string value. 25628 "type": 42, # The type of the value. 25629 }, 25630 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25631 }, 25632 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25633 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25634 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25635 "intVal": 42, # The int value. 25636 "strVal": "A String", # The string value. 25637 "type": 42, # The type of the value. 25638 }, 25639 }, 25640 }, 25641 }, 25642 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25643 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25644 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25645 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25646 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25647 "A String", 25648 ], 25649 }, 25650 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25651 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25652 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25653 { # HTTPHeader describes a custom header to be used in HTTP probes 25654 "name": "A String", # The header field name 25655 "value": "A String", # The header field value 25656 }, 25657 ], 25658 "path": "A String", # Path to access on the HTTP server. +optional 25659 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25660 "intVal": 42, # The int value. 25661 "strVal": "A String", # The string value. 25662 "type": 42, # The type of the value. 25663 }, 25664 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25665 }, 25666 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25667 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25668 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25669 "intVal": 42, # The int value. 25670 "strVal": "A String", # The string value. 25671 "type": 42, # The type of the value. 25672 }, 25673 }, 25674 }, 25675 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25676 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25677 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25678 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25679 }, 25680 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25681 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25682 { # ContainerPort represents a network port in a single container. 25683 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25684 "hostIP": "A String", # What host IP to bind the external port to. +optional 25685 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25686 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25687 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25688 }, 25689 ], 25690 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25691 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25692 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25693 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25694 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25695 "A String", 25696 ], 25697 }, 25698 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25699 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25700 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25701 { # HTTPHeader describes a custom header to be used in HTTP probes 25702 "name": "A String", # The header field name 25703 "value": "A String", # The header field value 25704 }, 25705 ], 25706 "path": "A String", # Path to access on the HTTP server. +optional 25707 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25708 "intVal": 42, # The int value. 25709 "strVal": "A String", # The string value. 25710 "type": 42, # The type of the value. 25711 }, 25712 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25713 }, 25714 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25715 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25716 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25717 "intVal": 42, # The int value. 25718 "strVal": "A String", # The string value. 25719 "type": 42, # The type of the value. 25720 }, 25721 }, 25722 }, 25723 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25724 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25725 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25726 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25727 }, 25728 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25729 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25730 "a_key": "A String", 25731 }, 25732 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25733 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25734 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25735 }, 25736 }, 25737 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25738 "a_key": "A String", 25739 }, 25740 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 25741 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 25742 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 25743 }, 25744 }, 25745 }, 25746 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 25747 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 25748 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 25749 "add": [ # Added capabilities +optional 25750 "A String", 25751 ], 25752 "drop": [ # Removed capabilities +optional 25753 "A String", 25754 ], 25755 }, 25756 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 25757 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 25758 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25759 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25760 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25761 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 25762 "level": "A String", # Level is SELinux level label that applies to the container. +optional 25763 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 25764 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 25765 "user": "A String", # User is a SELinux user label that applies to the container. +optional 25766 }, 25767 }, 25768 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 25769 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 25770 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 25771 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 25772 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 25773 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 25774 { # volumeDevice describes a mapping of a raw block device within a container. 25775 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 25776 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 25777 }, 25778 ], 25779 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 25780 { # VolumeMount describes a mounting of a Volume within a container. 25781 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 25782 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 25783 "name": "A String", # This must match the Name of a Volume. 25784 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 25785 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 25786 }, 25787 ], 25788 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 25789 }, 25790 "containerConcurrency": 42, # (Optional) ContainerConcurrency specifies the maximum allowed in-flight (concurrent) requests per container instance of the Revision. Cloud Run fully managed: supported, defaults to 80 Cloud Run on GKE: supported, defaults to 0, which means concurrency to the application is not limited, and the system decides the target concurrency for the autoscaler. 25791 "containers": [ # Containers holds the single container that defines the unit of execution for this Revision. In the context of a Revision, we disallow a number of fields on this Container, including: name and lifecycle. In Cloud Run, only a single container may be provided. 25792 { # A single application container. This specifies both the container to run, the command to run in the container and the arguments to supply to it. Note that additional arguments may be supplied by the system to the container at runtime. 25793 "args": [ # Arguments to the entrypoint. The docker image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25794 "A String", 25795 ], 25796 "command": [ # Entrypoint array. Not executed within a shell. The docker image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell +optional 25797 "A String", 25798 ], 25799 "env": [ # List of environment variables to set in the container. Cannot be updated. +optional 25800 { # EnvVar represents an environment variable present in a Container. 25801 "name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER. 25802 "value": "A String", # Variable references $(VAR_NAME) are expanded using the previous defined environment variables in the container and any route environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. The $(VAR_NAME) syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to "". +optional 25803 "valueFrom": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported EnvVarSource represents a source for the value of an EnvVar. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Source for the environment variable's value. Cannot be used if value is not empty. +optional 25804 "configMapKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key from a ConfigMap. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a ConfigMap. +optional 25805 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key to select. 25806 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25807 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25808 }, 25809 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The ConfigMap to select from. 25810 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the ConfigMap or its key must be defined +optional 25811 }, 25812 "secretKeyRef": { # Cloud Run fully managed: not supported Cloud Run on GKE: supported SecretKeySelector selects a key of a Secret. # Cloud Run fully managed: not supported Cloud Run on GKE: supported Selects a key of a secret in the pod's namespace +optional 25813 "key": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The key of the secret to select from. Must be a valid secret key. 25814 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25815 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25816 }, 25817 "name": "A String", # Cloud Run fully managed: not supported Cloud Run on GKE: supported The name of the secret in the pod's namespace to select from. 25818 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run on GKE: supported Specify whether the Secret or its key must be defined +optional 25819 }, 25820 }, 25821 }, 25822 ], 25823 "envFrom": [ # List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated. +optional 25824 { # EnvFromSource represents the source of a set of ConfigMaps 25825 "configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment variables with. The contents of the target ConfigMap's Data field will represent the key-value pairs as environment variables. # The ConfigMap to select from +optional 25826 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25827 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25828 }, 25829 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The ConfigMap to select from. 25830 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the ConfigMap must be defined +optional 25831 }, 25832 "prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. +optional 25833 "secretRef": { # SecretEnvSource selects a Secret to populate the environment variables with. The contents of the target Secret's Data field will represent the key-value pairs as environment variables. # The Secret to select from +optional 25834 "localObjectReference": { # LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. # This field should not be used directly as it is meant to be inlined directly into the message. Use the "name" field instead. 25835 "name": "A String", # Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names 25836 }, 25837 "name": "A String", # Cloud Run fully managed: not supported Cloud Run for Anthos: supported The Secret to select from. 25838 "optional": True or False, # Cloud Run fully managed: not supported Cloud Run for Anthos: supported Specify whether the Secret must be defined +optional 25839 }, 25840 }, 25841 ], 25842 "image": "A String", # Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images 25843 "imagePullPolicy": "A String", # Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images +optional 25844 "lifecycle": { # Lifecycle describes actions that the management system should take in response to container lifecycle events. For the PostStart and PreStop lifecycle handlers, management of the container blocks until the action is complete, unless the container process fails, in which case the handler is aborted. # Actions that the management system should take in response to container lifecycle events. Cannot be updated. +optional 25845 "postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25846 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25847 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25848 "A String", 25849 ], 25850 }, 25851 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25852 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25853 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25854 { # HTTPHeader describes a custom header to be used in HTTP probes 25855 "name": "A String", # The header field name 25856 "value": "A String", # The header field value 25857 }, 25858 ], 25859 "path": "A String", # Path to access on the HTTP server. +optional 25860 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25861 "intVal": 42, # The int value. 25862 "strVal": "A String", # The string value. 25863 "type": 42, # The type of the value. 25864 }, 25865 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25866 }, 25867 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25868 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25869 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25870 "intVal": 42, # The int value. 25871 "strVal": "A String", # The string value. 25872 "type": 42, # The type of the value. 25873 }, 25874 }, 25875 }, 25876 "preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated. The container is terminated after the handler completes. The reason for termination is passed to the handler. Regardless of the outcome of the handler, the container is eventually terminated. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks +optional 25877 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25878 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25879 "A String", 25880 ], 25881 }, 25882 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25883 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25884 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25885 { # HTTPHeader describes a custom header to be used in HTTP probes 25886 "name": "A String", # The header field name 25887 "value": "A String", # The header field value 25888 }, 25889 ], 25890 "path": "A String", # Path to access on the HTTP server. +optional 25891 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25892 "intVal": 42, # The int value. 25893 "strVal": "A String", # The string value. 25894 "type": 42, # The type of the value. 25895 }, 25896 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25897 }, 25898 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25899 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25900 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25901 "intVal": 42, # The int value. 25902 "strVal": "A String", # The string value. 25903 "type": 42, # The type of the value. 25904 }, 25905 }, 25906 }, 25907 }, 25908 "livenessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25909 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25910 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25911 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25912 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25913 "A String", 25914 ], 25915 }, 25916 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25917 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25918 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25919 { # HTTPHeader describes a custom header to be used in HTTP probes 25920 "name": "A String", # The header field name 25921 "value": "A String", # The header field value 25922 }, 25923 ], 25924 "path": "A String", # Path to access on the HTTP server. +optional 25925 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25926 "intVal": 42, # The int value. 25927 "strVal": "A String", # The string value. 25928 "type": 42, # The type of the value. 25929 }, 25930 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25931 }, 25932 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25933 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25934 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25935 "intVal": 42, # The int value. 25936 "strVal": "A String", # The string value. 25937 "type": 42, # The type of the value. 25938 }, 25939 }, 25940 }, 25941 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25942 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25943 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25944 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25945 }, 25946 "name": "A String", # Name of the container specified as a DNS_LABEL. Each container must have a unique name (DNS_LABEL). Cannot be updated. 25947 "ports": [ # List of ports to expose from the container. Exposing a port here gives the system additional information about the network connections a container uses, but is primarily informational. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default "0.0.0.0" address inside a container will be accessible from the network. Cannot be updated. +optional 25948 { # ContainerPort represents a network port in a single container. 25949 "containerPort": 42, # Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536. 25950 "hostIP": "A String", # What host IP to bind the external port to. +optional 25951 "hostPort": 42, # Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this. +optional 25952 "name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services. +optional 25953 "protocol": "A String", # Protocol for port. Must be UDP or TCP. Defaults to "TCP". +optional 25954 }, 25955 ], 25956 "readinessProbe": { # Probe describes a health check to be performed against a container to determine whether it is alive or ready to receive traffic. # Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25957 "failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1. +optional 25958 "handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container 25959 "exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified. Exec specifies the action to take. +optional 25960 "command": [ # Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy. +optional 25961 "A String", 25962 ], 25963 }, 25964 "httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform. +optional 25965 "host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set "Host" in httpHeaders instead. +optional 25966 "httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers. +optional 25967 { # HTTPHeader describes a custom header to be used in HTTP probes 25968 "name": "A String", # The header field name 25969 "value": "A String", # The header field value 25970 }, 25971 ], 25972 "path": "A String", # Path to access on the HTTP server. +optional 25973 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25974 "intVal": 42, # The int value. 25975 "strVal": "A String", # The string value. 25976 "type": 42, # The type of the value. 25977 }, 25978 "scheme": "A String", # Scheme to use for connecting to the host. Defaults to HTTP. +optional 25979 }, 25980 "tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port. TCP hooks not yet supported 25981 "host": "A String", # Optional: Host name to connect to, defaults to the pod IP. +optional 25982 "port": { # IntOrString is a type that can hold an int32 or a string. When used in JSON or YAML marshalling and unmarshalling, it produces or consumes the inner type. This allows you to have, for example, a JSON field that can accept a name or number. # Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. 25983 "intVal": 42, # The int value. 25984 "strVal": "A String", # The string value. 25985 "type": 42, # The type of the value. 25986 }, 25987 }, 25988 }, 25989 "initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25990 "periodSeconds": 42, # How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1. +optional 25991 "successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness. Minimum value is 1. +optional 25992 "timeoutSeconds": 42, # Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes +optional 25993 }, 25994 "resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources +optional 25995 "limits": { # Limits describes the maximum amount of compute resources allowed. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 25996 "a_key": "A String", 25997 }, 25998 "limitsInMap": { # Limits describes the maximum amount of compute resources allowed. This is a temporary field created to migrate away from the map limits field. This is done to become compliant with k8s style API. This field is deprecated in favor of limits field. 25999 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 26000 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 26001 }, 26002 }, 26003 "requests": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. The values of the map is string form of the 'quantity' k8s type: https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go 26004 "a_key": "A String", 26005 }, 26006 "requestsInMap": { # Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. This is a temporary field created to migrate away from the map requests field. This is done to become compliant with k8s style API. This field is deprecated in favor of requests field. 26007 "a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto 26008 "string": "A String", # Stringified version of the quantity, e.g., "800 MiB". 26009 }, 26010 }, 26011 }, 26012 "securityContext": { # SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence. # Security options the pod should run with. More info: https://kubernetes.io/docs/concepts/policy/security-context/ More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ +optional 26013 "allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN +optional 26014 "capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. +optional 26015 "add": [ # Added capabilities +optional 26016 "A String", 26017 ], 26018 "drop": [ # Removed capabilities +optional 26019 "A String", 26020 ], 26021 }, 26022 "privileged": True or False, # Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. +optional 26023 "readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem. Default is false. +optional 26024 "runAsGroup": 42, # The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 26025 "runAsNonRoot": True or False, # Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 26026 "runAsUser": 42, # The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 26027 "seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. +optional 26028 "level": "A String", # Level is SELinux level label that applies to the container. +optional 26029 "role": "A String", # Role is a SELinux role label that applies to the container. +optional 26030 "type": "A String", # Type is a SELinux type label that applies to the container. +optional 26031 "user": "A String", # User is a SELinux user label that applies to the container. +optional 26032 }, 26033 }, 26034 "stdin": True or False, # Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false. +optional 26035 "stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false +optional 26036 "terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated. +optional 26037 "terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated. +optional 26038 "tty": True or False, # Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false. +optional 26039 "volumeDevices": [ # volumeDevices is the list of block devices to be used by the container. This is an alpha feature and may change in the future. +optional 26040 { # volumeDevice describes a mapping of a raw block device within a container. 26041 "devicePath": "A String", # devicePath is the path inside of the container that the device will be mapped to. 26042 "name": "A String", # name must match the name of a persistentVolumeClaim in the pod 26043 }, 26044 ], 26045 "volumeMounts": [ # Pod volumes to mount into the container's filesystem. Cannot be updated. +optional 26046 { # VolumeMount describes a mounting of a Volume within a container. 26047 "mountPath": "A String", # Path within the container at which the volume should be mounted. Must not contain ':'. 26048 "mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationHostToContainer is used. This field is beta in 1.10. +optional 26049 "name": "A String", # This must match the Name of a Volume. 26050 "readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false. +optional 26051 "subPath": "A String", # Path within the volume from which the container's volume should be mounted. Defaults to "" (volume's root). +optional 26052 }, 26053 ], 26054 "workingDir": "A String", # Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated. +optional 26055 }, 26056 ], 26057 "generation": 42, # Deprecated and not currently populated by Cloud Run. See metadata.generation instead, which is the sequence number containing the latest generation of the desired state. Read-only. 26058 "serviceAccountName": "A String", # Email address of the IAM service account associated with the revision of the service. The service account represents the identity of the running revision, and determines what permissions the revision has. If not provided, the revision will use the project's default service account. 26059 "servingState": "A String", # ServingState holds a value describing the state the resources are in for this Revision. Users must not specify this when creating a revision. It is expected that the system will manipulate this based on routability and load. Populated by the system. Read-only. 26060 "timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for responding to a request. Not currently used by Cloud Run. 26061 "volumes": [ 26062 { # Volume represents a named volume in a container. 26063 "configMap": { # Adapts a ConfigMap into a volume. The contents of the target ConfigMap's Data field will be presented in a volume as files using the keys in the Data field as the file names, unless the items element is populated with specific mappings of keys to paths. 26064 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 26065 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 26066 { # Maps a string key to a path within a volume. 26067 "key": "A String", # The key to project. 26068 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 26069 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 26070 }, 26071 ], 26072 "name": "A String", # Name of the config. 26073 "optional": True or False, # Specify whether the Secret or its keys must be defined. 26074 }, 26075 "name": "A String", # Volume's name. 26076 "secret": { # The contents of the target Secret's Data field will be presented in a volume as files using the keys in the Data field as the file names. 26077 "defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and 0777. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. 26078 "items": [ # If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. 26079 { # Maps a string key to a path within a volume. 26080 "key": "A String", # The key to project. 26081 "mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set. +optional 26082 "path": "A String", # The relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'. 26083 }, 26084 ], 26085 "optional": True or False, # Specify whether the Secret or its keys must be defined. 26086 "secretName": "A String", # Name of the secret in the container's namespace to use. 26087 }, 26088 }, 26089 ], 26090 }, 26091 }, 26092 "traffic": [ # Traffic specifies how to distribute traffic over a collection of Knative Revisions and Configurations. 26093 { # TrafficTarget holds a single entry of the routing table for a Route. 26094 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 26095 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 26096 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 26097 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 26098 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 26099 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 26100 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 26101 }, 26102 ], 26103 }, 26104 "status": { # The current state of the Service. Output only. # Status communicates the observed state of the Service (from the controller). 26105 "address": { # Information for connecting over HTTP(s). # From RouteStatus. Similar to url, information on where the service is available on HTTP. 26106 "hostname": "A String", # Deprecated - use url instead. 26107 "url": "A String", 26108 }, 26109 "conditions": [ # Conditions communicates information about ongoing/complete reconciliation processes that bring the "spec" inline with the observed state of the world. 26110 { # ServiceCondition defines a readiness condition for a Service. 26111 "lastTransitionTime": "A String", # Last time the condition transitioned from one status to another. +optional 26112 "message": "A String", # Human-readable message indicating details about last transition. +optional 26113 "reason": "A String", # One-word CamelCase reason for the condition's last transition. +optional 26114 "severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info +optional 26115 "status": "A String", # Status of the condition, one of True, False, Unknown. 26116 "type": "A String", # ServiceConditionType is used to communicate the status of the reconciliation process. See also: https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting Types include: "Ready", "ConfigurationsReady", and "RoutesReady". "Ready" will be true when the underlying Route and Configuration are ready. 26117 }, 26118 ], 26119 "domain": "A String", # From RouteStatus. Domain holds the top-level domain that will distribute traffic over the provided targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 26120 "latestCreatedRevisionName": "A String", # From ConfigurationStatus. LatestCreatedRevisionName is the last revision that was created from this Service's Configuration. It might not be ready yet, for that use LatestReadyRevisionName. 26121 "latestReadyRevisionName": "A String", # From ConfigurationStatus. LatestReadyRevisionName holds the name of the latest Revision stamped out from this Service's Configuration that has had its "Ready" condition become "True". 26122 "observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Route that was last processed by the controller. Clients polling for completed reconciliation should poll until observedGeneration = metadata.generation and the Ready condition's status is True or False. 26123 "traffic": [ # From RouteStatus. Traffic holds the configured traffic distribution. These entries will always contain RevisionName references. When ConfigurationName appears in the spec, this will hold the LatestReadyRevisionName that we last observed. 26124 { # TrafficTarget holds a single entry of the routing table for a Route. 26125 "configurationName": "A String", # ConfigurationName of a configuration to whose latest revision we will send this portion of traffic. When the "status.latestReadyRevisionName" of the referenced configuration changes, we will automatically migrate traffic from the prior "latest ready" revision to the new one. This field is never set in Route's status, only its spec. This is mutually exclusive with RevisionName. Cloud Run currently supports a single ConfigurationName. 26126 "latestRevision": True or False, # LatestRevision may be optionally provided to indicate that the latest ready Revision of the Configuration should be used for this traffic target. When provided LatestRevision must be true if RevisionName is empty; it must be false when RevisionName is non-empty. +optional 26127 "name": "A String", # Name is optionally used to expose a dedicated hostname for referencing this target exclusively. Not currently supported by Cloud Run. +optional 26128 "percent": 42, # Percent specifies percent of the traffic to this Revision or Configuration. This defaults to zero if unspecified. Cloud Run currently requires 100 percent for a single ConfigurationName TrafficTarget entry. 26129 "revisionName": "A String", # RevisionName of a specific revision to which to send this portion of traffic. This is mutually exclusive with ConfigurationName. Providing RevisionName in spec is not currently supported by Cloud Run. 26130 "tag": "A String", # Tag is optionally used to expose a dedicated url for referencing this target exclusively. Not currently supported in Cloud Run. +optional 26131 "url": "A String", # Output only. URL displays the URL for accessing named traffic targets. URL is displayed in status, and is disallowed on spec. URL must contain a scheme (e.g. http://) and a hostname, but may not contain anything else (e.g. basic auth, url path, etc. Not currently supported in Cloud Run. 26132 }, 26133 ], 26134 "url": "A String", # From RouteStatus. URL holds the url that will distribute traffic over the provided traffic targets. It generally has the form https://{route-hash}-{project-hash}-{cluster-level-suffix}.a.run.app 26135 }, 26136}</pre> 26137</div> 26138 26139<div class="method"> 26140 <code class="details" id="setIamPolicy">setIamPolicy(resource, body=None, x__xgafv=None)</code> 26141 <pre>Sets the IAM Access control policy for the specified Service. Overwrites any existing policy. 26142 26143Args: 26144 resource: string, REQUIRED: The resource for which the policy is being specified. See the operation documentation for the appropriate value for this field. (required) 26145 body: object, The request body. 26146 The object takes the form of: 26147 26148{ # Request message for `SetIamPolicy` method. 26149 "policy": { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:[email protected]", "group:[email protected]", "domain:google.com", "serviceAccount:[email protected]" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:[email protected]" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:[email protected] - group:[email protected] - domain:google.com - serviceAccount:[email protected] role: roles/resourcemanager.organizationAdmin - members: - user:[email protected] role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). # REQUIRED: The complete policy to be applied to the `resource`. The size of the policy is limited to a few 10s of KB. An empty policy is a valid policy but certain Cloud Platform services (such as Projects) might reject them. 26150 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 26151 { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:[email protected]" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts [email protected] from DATA_READ logging, and [email protected] from DATA_WRITE logging. 26152 "auditLogConfigs": [ # The configuration for logging of each type of permission. 26153 { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging. 26154 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. 26155 "A String", 26156 ], 26157 "logType": "A String", # The log type that this config enables. 26158 }, 26159 ], 26160 "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. 26161 }, 26162 ], 26163 "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. 26164 { # Associates `members` with a `role`. 26165 "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 26166 "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. 26167 "expression": "A String", # Textual representation of an expression in Common Expression Language syntax. 26168 "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. 26169 "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. 26170 }, 26171 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `[email protected]`. * `group:{emailid}`: An email address that represents a Google group. For example, `[email protected]`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. 26172 "A String", 26173 ], 26174 "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 26175 }, 26176 ], 26177 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. 26178 "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 26179 }, 26180 "updateMask": "A String", # OPTIONAL: A FieldMask specifying which fields of the policy to modify. Only the fields in the mask will be modified. If no mask is provided, the following default mask is used: `paths: "bindings, etag"` 26181} 26182 26183 x__xgafv: string, V1 error format. 26184 Allowed values 26185 1 - v1 error format 26186 2 - v2 error format 26187 26188Returns: 26189 An object of the form: 26190 26191 { # An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. A condition can add constraints based on attributes of the request, the resource, or both. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). **JSON example:** { "bindings": [ { "role": "roles/resourcemanager.organizationAdmin", "members": [ "user:[email protected]", "group:[email protected]", "domain:google.com", "serviceAccount:[email protected]" ] }, { "role": "roles/resourcemanager.organizationViewer", "members": [ "user:[email protected]" ], "condition": { "title": "expirable access", "description": "Does not grant access after Sep 2020", "expression": "request.time < timestamp('2020-10-01T00:00:00.000Z')", } } ], "etag": "BwWWja0YfJA=", "version": 3 } **YAML example:** bindings: - members: - user:[email protected] - group:[email protected] - domain:google.com - serviceAccount:[email protected] role: roles/resourcemanager.organizationAdmin - members: - user:[email protected] role: roles/resourcemanager.organizationViewer condition: title: expirable access description: Does not grant access after Sep 2020 expression: request.time < timestamp('2020-10-01T00:00:00.000Z') - etag: BwWWja0YfJA= - version: 3 For a description of IAM and its features, see the [IAM documentation](https://cloud.google.com/iam/docs/). 26192 "auditConfigs": [ # Specifies cloud audit logging configuration for this policy. 26193 { # Specifies the audit configuration for a service. The configuration determines which permission types are logged, and what identities, if any, are exempted from logging. An AuditConfig must have one or more AuditLogConfigs. If there are AuditConfigs for both `allServices` and a specific service, the union of the two AuditConfigs is used for that service: the log_types specified in each AuditConfig are enabled, and the exempted_members in each AuditLogConfig are exempted. Example Policy with multiple AuditConfigs: { "audit_configs": [ { "service": "allServices", "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" }, { "log_type": "ADMIN_READ" } ] }, { "service": "sampleservice.googleapis.com", "audit_log_configs": [ { "log_type": "DATA_READ" }, { "log_type": "DATA_WRITE", "exempted_members": [ "user:[email protected]" ] } ] } ] } For sampleservice, this policy enables DATA_READ, DATA_WRITE and ADMIN_READ logging. It also exempts [email protected] from DATA_READ logging, and [email protected] from DATA_WRITE logging. 26194 "auditLogConfigs": [ # The configuration for logging of each type of permission. 26195 { # Provides the configuration for logging a type of permissions. Example: { "audit_log_configs": [ { "log_type": "DATA_READ", "exempted_members": [ "user:[email protected]" ] }, { "log_type": "DATA_WRITE" } ] } This enables 'DATA_READ' and 'DATA_WRITE' logging, while exempting [email protected] from DATA_READ logging. 26196 "exemptedMembers": [ # Specifies the identities that do not cause logging for this type of permission. Follows the same format of Binding.members. 26197 "A String", 26198 ], 26199 "logType": "A String", # The log type that this config enables. 26200 }, 26201 ], 26202 "service": "A String", # Specifies a service that will be enabled for audit logging. For example, `storage.googleapis.com`, `cloudsql.googleapis.com`. `allServices` is a special value that covers all services. 26203 }, 26204 ], 26205 "bindings": [ # Associates a list of `members` to a `role`. Optionally, may specify a `condition` that determines how and when the `bindings` are applied. Each of the `bindings` must contain at least one member. 26206 { # Associates `members` with a `role`. 26207 "condition": { # Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language. The syntax and semantics of CEL are documented at https://github.com/google/cel-spec. Example (Comparison): title: "Summary size limit" description: "Determines if a summary is less than 100 chars" expression: "document.summary.size() < 100" Example (Equality): title: "Requestor is owner" description: "Determines if requestor is the document owner" expression: "document.owner == request.auth.claims.email" Example (Logic): title: "Public documents" description: "Determine whether the document should be publicly visible" expression: "document.type != 'private' && document.type != 'internal'" Example (Data Manipulation): title: "Notification string" description: "Create a notification string with a timestamp." expression: "'New message received at ' + string(document.create_time)" The exact variables and functions that may be referenced within an expression are determined by the service that evaluates it. See the service documentation for additional information. # The condition that is associated with this binding. If the condition evaluates to `true`, then this binding applies to the current request. If the condition evaluates to `false`, then this binding does not apply to the current request. However, a different role binding might grant the same role to one or more of the members in this binding. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 26208 "description": "A String", # Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI. 26209 "expression": "A String", # Textual representation of an expression in Common Expression Language syntax. 26210 "location": "A String", # Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file. 26211 "title": "A String", # Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression. 26212 }, 26213 "members": [ # Specifies the identities requesting access for a Cloud Platform resource. `members` can have the following values: * `allUsers`: A special identifier that represents anyone who is on the internet; with or without a Google account. * `allAuthenticatedUsers`: A special identifier that represents anyone who is authenticated with a Google account or a service account. * `user:{emailid}`: An email address that represents a specific Google account. For example, `[email protected]` . * `serviceAccount:{emailid}`: An email address that represents a service account. For example, `[email protected]`. * `group:{emailid}`: An email address that represents a Google group. For example, `[email protected]`. * `deleted:user:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a user that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the user is recovered, this value reverts to `user:{emailid}` and the recovered user retains the role in the binding. * `deleted:serviceAccount:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a service account that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the service account is undeleted, this value reverts to `serviceAccount:{emailid}` and the undeleted service account retains the role in the binding. * `deleted:group:{emailid}?uid={uniqueid}`: An email address (plus unique identifier) representing a Google group that has been recently deleted. For example, `[email protected]?uid=123456789012345678901`. If the group is recovered, this value reverts to `group:{emailid}` and the recovered group retains the role in the binding. * `domain:{domain}`: The G Suite domain (primary) that represents all the users of that domain. For example, `google.com` or `example.com`. 26214 "A String", 26215 ], 26216 "role": "A String", # Role that is assigned to `members`. For example, `roles/viewer`, `roles/editor`, or `roles/owner`. 26217 }, 26218 ], 26219 "etag": "A String", # `etag` is used for optimistic concurrency control as a way to help prevent simultaneous updates of a policy from overwriting each other. It is strongly suggested that systems make use of the `etag` in the read-modify-write cycle to perform policy updates in order to avoid race conditions: An `etag` is returned in the response to `getIamPolicy`, and systems are expected to put that etag in the request to `setIamPolicy` to ensure that their change will be applied to the same version of the policy. **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. 26220 "version": 42, # Specifies the format of the policy. Valid values are `0`, `1`, and `3`. Requests that specify an invalid value are rejected. Any operation that affects conditional role bindings must specify version `3`. This requirement applies to the following operations: * Getting a policy that includes a conditional role binding * Adding a conditional role binding to a policy * Changing a conditional role binding in a policy * Removing any role binding, with or without a condition, from a policy that includes conditions **Important:** If you use IAM Conditions, you must include the `etag` field whenever you call `setIamPolicy`. If you omit this field, then IAM allows you to overwrite a version `3` policy with a version `1` policy, and all of the conditions in the version `3` policy are lost. If a policy does not include any conditions, operations on that policy may specify any valid version or leave the field unset. To learn which resources support conditions in their IAM policies, see the [IAM documentation](https://cloud.google.com/iam/help/conditions/resource-policies). 26221}</pre> 26222</div> 26223 26224<div class="method"> 26225 <code class="details" id="testIamPermissions">testIamPermissions(resource, body=None, x__xgafv=None)</code> 26226 <pre>Returns permissions that a caller has on the specified Project. There are no permissions required for making this API call. 26227 26228Args: 26229 resource: string, REQUIRED: The resource for which the policy detail is being requested. See the operation documentation for the appropriate value for this field. (required) 26230 body: object, The request body. 26231 The object takes the form of: 26232 26233{ # Request message for `TestIamPermissions` method. 26234 "permissions": [ # The set of permissions to check for the `resource`. Permissions with wildcards (such as '*' or 'storage.*') are not allowed. For more information see [IAM Overview](https://cloud.google.com/iam/docs/overview#permissions). 26235 "A String", 26236 ], 26237} 26238 26239 x__xgafv: string, V1 error format. 26240 Allowed values 26241 1 - v1 error format 26242 2 - v2 error format 26243 26244Returns: 26245 An object of the form: 26246 26247 { # Response message for `TestIamPermissions` method. 26248 "permissions": [ # A subset of `TestPermissionsRequest.permissions` that the caller is allowed. 26249 "A String", 26250 ], 26251}</pre> 26252</div> 26253 26254</body></html>