Rpc to get information about a configuration.
Rpc to list configurations.
get(name, x__xgafv=None)
Rpc to get information about a configuration.
Args:
name: string, The name of the configuration being retrieved. If needed, replace
{namespace_id} with the project ID. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{ # Configuration represents the "floating HEAD" of a linear history of
# Revisions, and optionally how the containers those revisions reference are
# built. Users create new Revisions by updating the Configuration's spec. The
# "latest created" revision's name is available under status, as is the "latest
# ready" revision's name. See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#configuration
"status": { # ConfigurationStatus communicates the observed state of the Configuration # Status communicates the observed state of the Configuration (from the
# controller).
# (from the controller).
"latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this
# Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Configuration that
# was last processed by the controller. The observed generation is updated
# even if the controller failed to process the spec and create the Revision.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation, and the Ready condition's status
# is True or False.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ConfigurationCondition defines a readiness condition for a Configuration.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ConfigurationConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
# Types include:"Ready"
},
],
"latestReadyRevisionName": "A String", # LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Configuration that has had its "Ready" condition become "True".
},
"kind": "A String", # The kind of resource, in this case always "Configuration".
"spec": { # ConfigurationSpec holds the desired state of the Configuration (from the # Spec holds the desired state of the Configuration (from the client).
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Configuration, including name, namespace,
# labels, and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
}
list(parent, labelSelector=None, includeUninitialized=None, x__xgafv=None, resourceVersion=None, limit=None, watch=None, continue=None, fieldSelector=None)
Rpc to list configurations.
Args:
parent: string, The project ID or project number from which the configurations should be
listed. (required)
labelSelector: string, Allows to filter resources based on a label. Supported operations are
=, !=, exists, in, and notIn.
includeUninitialized: boolean, Not currently used by Cloud Run.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
resourceVersion: string, The baseline resource version from which the list or watch operation should
start. Not currently used by Cloud Run.
limit: integer, The maximum number of records that should be returned.
watch: boolean, Flag that indicates that the client expects to watch this resource as well.
Not currently used by Cloud Run.
continue: string, Optional encoded string to continue paging.
fieldSelector: string, Allows to filter resources based on a specific value for a field name.
Send this in a query string format. i.e. 'metadata.name%3Dlorem'.
Not currently used by Cloud Run.
Returns:
An object of the form:
{ # ListConfigurationsResponse is a list of Configuration resources.
"unreachable": [ # Locations that could not be reached.
"A String",
],
"kind": "A String", # The kind of this resource, in this case "ConfigurationList".
"items": [ # List of Configurations.
{ # Configuration represents the "floating HEAD" of a linear history of
# Revisions, and optionally how the containers those revisions reference are
# built. Users create new Revisions by updating the Configuration's spec. The
# "latest created" revision's name is available under status, as is the "latest
# ready" revision's name. See also:
# https://github.com/knative/serving/blob/master/docs/spec/overview.md#configuration
"status": { # ConfigurationStatus communicates the observed state of the Configuration # Status communicates the observed state of the Configuration (from the
# controller).
# (from the controller).
"latestCreatedRevisionName": "A String", # LatestCreatedRevisionName is the last revision that was created from this
# Configuration. It might not be ready yet, for that use
# LatestReadyRevisionName.
"observedGeneration": 42, # ObservedGeneration is the 'Generation' of the Configuration that
# was last processed by the controller. The observed generation is updated
# even if the controller failed to process the spec and create the Revision.
#
# Clients polling for completed reconciliation should poll until
# observedGeneration = metadata.generation, and the Ready condition's status
# is True or False.
"conditions": [ # Conditions communicates information about ongoing/complete
# reconciliation processes that bring the "spec" inline with the observed
# state of the world.
{ # ConfigurationCondition defines a readiness condition for a Configuration.
"status": "A String", # Status of the condition, one of True, False, Unknown.
"severity": "A String", # How to interpret failures of this condition, one of Error, Warning, Info
# +optional
"lastTransitionTime": "A String", # Last time the condition transitioned from one status to another.
# +optional
"reason": "A String", # One-word CamelCase reason for the condition's last transition.
# +optional
"message": "A String", # Human-readable message indicating details about last transition.
# +optional
"type": "A String", # ConfigurationConditionType is used to communicate the status of the
# reconciliation process. See also:
# https://github.com/knative/serving/blob/master/docs/spec/errors.md#error-conditions-and-reporting
# Types include:"Ready"
},
],
"latestReadyRevisionName": "A String", # LatestReadyRevisionName holds the name of the latest Revision stamped out
# from this Configuration that has had its "Ready" condition become "True".
},
"kind": "A String", # The kind of resource, in this case always "Configuration".
"spec": { # ConfigurationSpec holds the desired state of the Configuration (from the # Spec holds the desired state of the Configuration (from the client).
# client).
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"revisionTemplate": { # RevisionTemplateSpec describes the data a revision should have when created # RevisionTemplate holds the latest specification for the Revision to
# be stamped out. The template references the container image, and may also
# include labels and annotations that should be attached to the Revision.
# To correlate a Revision, and/or to force a Revision to be created when the
# spec doesn't otherwise change, a nonce label may be provided in the
# template metadata. For more details, see:
# https://github.com/knative/serving/blob/master/docs/client-conventions.md#associate-modifications-with-revisions
#
# Cloud Run does not currently support referencing a build that is
# responsible for materializing the container image from source.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
"template": { # RevisionTemplateSpec describes the data a revision should have when created # Template holds the latest specification for the Revision to be stamped out.
# Not currently supported by Cloud Run.
# from a template. Based on:
# https://github.com/kubernetes/api/blob/e771f807/core/v1/types.go#L3179-L3190
"spec": { # RevisionSpec holds the desired state of the Revision (from the client). # RevisionSpec holds the desired state of the Revision (from the client).
"container": { # A single application container. # Container defines the unit of execution for this Revision.
# In the context of a Revision, we disallow a number of the fields of
# this Container, including: name, ports, and volumeMounts.
# The runtime contract is documented here:
# https://github.com/knative/serving/blob/master/docs/runtime-contract.md
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
"serviceAccountName": "A String", # Not currently used by Cloud Run.
"timeoutSeconds": 42, # TimeoutSeconds holds the max duration the instance is allowed for
# responding to a request.
# Not currently used by Cloud Run.
"servingState": "A String", # ServingState holds a value describing the state the resources
# are in for this Revision.
# Users must not specify this when creating a revision. It is expected
# that the system will manipulate this based on routability and load.
#
# Populated by the system.
# Read-only.
"generation": 42, # Deprecated and not currently populated by Cloud Run. See
# metadata.generation instead, which is the sequence number containing the
# latest generation of the desired state.
#
# Read-only.
"concurrencyModel": "A String", # ConcurrencyModel specifies the desired concurrency model
# (Single or Multi) for the Revision. Defaults to Multi.
# Deprecated in favor of ContainerConcurrency.
# +optional
"containerConcurrency": 42, # ContainerConcurrency specifies the maximum allowed in-flight (concurrent)
# requests per container of the Revision. Values are:
# - `0` thread-safe, the system should manage the max concurrency. This is
# the default value.
# - `1` not-thread-safe. Single concurrency
# - `2-N` thread-safe, max concurrency of N
"volumes": [
{ # Volume represents a named volume in a container.
"configMap": { # Adapts a ConfigMap into a volume.
# The contents of the target ConfigMap's Data field will be presented in a
# volume as files using the keys in the Data field as the file names, unless
# the items element is populated with specific mappings of keys to paths.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"name": "A String", # Name of the config.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
},
"secret": { # The contents of the target Secret's Data field will be presented in a volume
# as files using the keys in the Data field as the file names.
"items": [ # If unspecified, each key-value pair in the Data field of the referenced
# Secret will be projected into the volume as a file whose name is the
# key and content is the value. If specified, the listed keys will be
# projected into the specified paths, and unlisted keys will not be
# present. If a key is specified which is not present in the Secret,
# the volume setup will error unless it is marked optional.
{ # Maps a string key to a path within a volume.
"path": "A String", # The relative path of the file to map the key to.
# May not be an absolute path.
# May not contain the path element '..'.
# May not start with the string '..'.
"mode": 42, # Mode bits to use on this file, must be a value between 0 and 0777. If not
# specified, the volume defaultMode will be used. This might be in conflict
# with other options that affect the file mode, like fsGroup, and the result
# can be other mode bits set. +optional
"key": "A String", # The key to project.
},
],
"optional": True or False, # Specify whether the Secret or its keys must be defined.
"defaultMode": 42, # Mode bits to use on created files by default. Must be a value between 0 and
# 0777. Defaults to 0644. Directories within the path are not affected by
# this setting. This might be in conflict with other options that affect the
# file mode, like fsGroup, and the result can be other mode bits set.
"secretName": "A String", # Name of the secret in the container's namespace to use.
},
"name": "A String", # Volume's name.
},
],
"containers": [ # Containers holds the single container that defines the unit of execution
# for this Revision. In the context of a Revision, we disallow a number of
# fields on this Container, including: name and lifecycle.
{ # A single application container.
# This specifies both the container to run, the command to run in the container
# and the arguments to supply to it.
# Note that additional arguments may be supplied by the system to the container
# at runtime.
"tty": True or False, # Whether this container should allocate a TTY for itself, also requires
# 'stdin' to be true. Default is false. +optional
"stdin": True or False, # Whether this container should allocate a buffer for stdin in the container
# runtime. If this is not set, reads from stdin in the container will always
# result in EOF. Default is false. +optional
"securityContext": { # SecurityContext holds security configuration that will be applied to a # Security options the pod should run with.
# More info: https://kubernetes.io/docs/concepts/policy/security-context/
# More info:
# https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
# +optional
# container. Some fields are present in both SecurityContext and
# PodSecurityContext. When both are set, the values in SecurityContext take
# precedence.
"readOnlyRootFilesystem": True or False, # Whether this container has a read-only root filesystem.
# Default is false.
# +optional
"runAsGroup": "A String", # The GID to run the entrypoint of the container process.
# Uses runtime default if unset.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"runAsUser": "A String", # The UID to run the entrypoint of the container process.
# Defaults to user specified in image metadata if unspecified.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"allowPrivilegeEscalation": True or False, # AllowPrivilegeEscalation controls whether a process can gain more
# privileges than its parent process. This bool directly controls if
# the no_new_privs flag will be set on the container process.
# AllowPrivilegeEscalation is true always when the container is:
# 1) run as Privileged
# 2) has CAP_SYS_ADMIN
# +optional
"capabilities": { # Adds and removes POSIX capabilities from running containers. # The capabilities to add/drop when running containers.
# Defaults to the default set of capabilities granted by the container
# runtime. +optional
"add": [ # Added capabilities
# +optional
"A String",
],
"drop": [ # Removed capabilities
# +optional
"A String",
],
},
"runAsNonRoot": True or False, # Indicates that the container must run as a non-root user.
# If true, the Kubelet will validate the image at runtime to ensure that it
# does not run as UID 0 (root) and fail to start the container if it does.
# If unset or false, no such validation will be performed.
# May also be set in PodSecurityContext. If set in both SecurityContext and
# PodSecurityContext, the value specified in SecurityContext takes
# precedence. +optional
"seLinuxOptions": { # SELinuxOptions are the labels to be applied to the container # The SELinux context to be applied to the container.
# If unspecified, the container runtime will allocate a random SELinux
# context for each container. May also be set in PodSecurityContext. If set
# in both SecurityContext and PodSecurityContext, the value specified in
# SecurityContext takes precedence. +optional
"role": "A String", # Role is a SELinux role label that applies to the container.
# +optional
"type": "A String", # Type is a SELinux type label that applies to the container.
# +optional
"user": "A String", # User is a SELinux user label that applies to the container.
# +optional
"level": "A String", # Level is SELinux level label that applies to the container.
# +optional
},
"privileged": True or False, # Run container in privileged mode.
# Processes in privileged containers are essentially equivalent to root on
# the host. Defaults to false. +optional
},
"name": "A String", # Name of the container specified as a DNS_LABEL.
# Each container must have a unique name (DNS_LABEL).
# Cannot be updated.
"envFrom": [ # List of sources to populate environment variables in the container.
# The keys defined within a source must be a C_IDENTIFIER. All invalid keys
# will be reported as an event when the container is starting. When a key
# exists in multiple sources, the value associated with the last source will
# take precedence. Values defined by an Env with a duplicate key will take
# precedence. Cannot be updated. +optional
{ # EnvFromSource represents the source of a set of ConfigMaps
"secretRef": { # SecretEnvSource selects a Secret to populate the environment # The Secret to select from
# +optional
# variables with.
#
# The contents of the target Secret's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The Secret to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the Secret must be defined
# +optional
},
"configMapRef": { # ConfigMapEnvSource selects a ConfigMap to populate the environment # The ConfigMap to select from
# +optional
# variables with.
#
# The contents of the target ConfigMap's Data field will represent the
# key-value pairs as environment variables.
"localObjectReference": { # LocalObjectReference contains enough information to let you locate the # The ConfigMap to select from.
# referenced object inside the same namespace.
"name": "A String", # Name of the referent.
# More info:
# https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
},
"optional": True or False, # Specify whether the ConfigMap must be defined
# +optional
},
"prefix": "A String", # An optional identifier to prepend to each key in the ConfigMap. Must be a
# C_IDENTIFIER. +optional
},
],
"env": [ # List of environment variables to set in the container.
# Cannot be updated.
# +optional
{ # EnvVar represents an environment variable present in a Container.
"name": "A String", # Name of the environment variable. Must be a C_IDENTIFIER.
"value": "A String", # Variable references $(VAR_NAME) are expanded
# using the previous defined environment variables in the container and
# any route environment variables. If a variable cannot be resolved,
# the reference in the input string will be unchanged. The $(VAR_NAME)
# syntax can be escaped with a double $$, ie: $$(VAR_NAME). Escaped
# references will never be expanded, regardless of whether the variable
# exists or not.
# Defaults to "".
# +optional
},
],
"volumeMounts": [ # Pod volumes to mount into the container's filesystem.
# Cannot be updated.
# +optional
{ # VolumeMount describes a mounting of a Volume within a container.
"readOnly": True or False, # Mounted read-only if true, read-write otherwise (false or unspecified).
# Defaults to false.
# +optional
"mountPropagation": "A String", # mountPropagation determines how mounts are propagated from the host
# to container and the other way around.
# When not set, MountPropagationHostToContainer is used.
# This field is beta in 1.10.
# +optional
"subPath": "A String", # Path within the volume from which the container's volume should be mounted.
# Defaults to "" (volume's root).
# +optional
"name": "A String", # This must match the Name of a Volume.
"mountPath": "A String", # Path within the container at which the volume should be mounted. Must
# not contain ':'.
},
],
"volumeDevices": [ # volumeDevices is the list of block devices to be used by the container.
# This is an alpha feature and may change in the future.
# +optional
{ # volumeDevice describes a mapping of a raw block device within a container.
"devicePath": "A String", # devicePath is the path inside of the container that the device will be
# mapped to.
"name": "A String", # name must match the name of a persistentVolumeClaim in the pod
},
],
"args": [ # Arguments to the entrypoint.
# The docker image's CMD is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"stdinOnce": True or False, # Whether the container runtime should close the stdin channel after it has
# been opened by a single attach. When stdin is true the stdin stream will
# remain open across multiple attach sessions. If stdinOnce is set to true,
# stdin is opened on container start, is empty until the first client
# attaches to stdin, and then remains open and accepts data until the client
# disconnects, at which time stdin is closed and remains closed until the
# container is restarted. If this flag is false, a container processes that
# reads from stdin will never receive an EOF. Default is false +optional
"terminationMessagePolicy": "A String", # Indicate how the termination message should be populated. File will use the
# contents of terminationMessagePath to populate the container status message
# on both success and failure. FallbackToLogsOnError will use the last chunk
# of container log output if the termination message file is empty and the
# container exited with an error. The log output is limited to 2048 bytes or
# 80 lines, whichever is smaller. Defaults to File. Cannot be updated.
# +optional
"lifecycle": { # Lifecycle describes actions that the management system should take in # Actions that the management system should take in response to container
# lifecycle events. Cannot be updated. +optional
# response to container lifecycle events. For the PostStart and PreStop
# lifecycle handlers, management of the container blocks until the action is
# complete, unless the container process fails, in which case the handler is
# aborted.
"preStop": { # Handler defines a specific action that should be taken # PreStop is called immediately before a container is terminated.
# The container is terminated after the handler completes.
# The reason for termination is passed to the handler.
# Regardless of the outcome of the handler, the container is eventually
# terminated. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"postStart": { # Handler defines a specific action that should be taken # PostStart is called immediately after a container is created. If the
# handler fails, the container is terminated and restarted according to its
# restart policy. Other management of the container blocks until the hook
# completes. More info:
# https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks
# +optional
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
},
"command": [ # Entrypoint array. Not executed within a shell.
# The docker image's ENTRYPOINT is used if this is not provided.
# Variable references $(VAR_NAME) are expanded using the container's
# environment. If a variable cannot be resolved, the reference in the input
# string will be unchanged. The $(VAR_NAME) syntax can be escaped with a
# double $$, ie: $$(VAR_NAME). Escaped references will never be expanded,
# regardless of whether the variable exists or not.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell
# +optional
"A String",
],
"livenessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container liveness.
# Container will be restarted if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"image": "A String", # Docker image name.
# More info: https://kubernetes.io/docs/concepts/containers/images
"imagePullPolicy": "A String", # Image pull policy.
# One of Always, Never, IfNotPresent.
# Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/containers/images#updating-images
# +optional
"readinessProbe": { # Probe describes a health check to be performed against a container to # Periodic probe of container service readiness.
# Container will be removed from service endpoints if the probe fails.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
# determine whether it is alive or ready to receive traffic.
"timeoutSeconds": 42, # Number of seconds after which the probe times out.
# Defaults to 1 second. Minimum value is 1.
# More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"initialDelaySeconds": 42, # Number of seconds after the container has started before liveness probes
# are initiated. More info:
# https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes
# +optional
"handler": { # Handler defines a specific action that should be taken # The action taken to determine the health of a container
"tcpSocket": { # TCPSocketAction describes an action based on opening a socket # TCPSocket specifies an action involving a TCP port.
# TCP hooks not yet supported
"host": "A String", # Optional: Host name to connect to, defaults to the pod IP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Number or name of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
},
"httpGet": { # HTTPGetAction describes an action based on HTTP Get requests. # HTTPGet specifies the http request to perform.
# +optional
"path": "A String", # Path to access on the HTTP server.
# +optional
"host": "A String", # Host name to connect to, defaults to the pod IP. You probably want to set
# "Host" in httpHeaders instead.
# +optional
"scheme": "A String", # Scheme to use for connecting to the host.
# Defaults to HTTP.
# +optional
"port": { # IntOrString is a type that can hold an int32 or a string. When used in # Name or number of the port to access on the container.
# Number must be in the range 1 to 65535.
# Name must be an IANA_SVC_NAME.
# JSON or YAML marshalling and unmarshalling, it produces or consumes the
# inner type. This allows you to have, for example, a JSON field that can
# accept a name or number.
"strVal": "A String", # The string value.
"type": "A String", # The type of the value.
"intVal": 42, # The int value.
},
"httpHeaders": [ # Custom headers to set in the request. HTTP allows repeated headers.
# +optional
{ # HTTPHeader describes a custom header to be used in HTTP probes
"name": "A String", # The header field name
"value": "A String", # The header field value
},
],
},
"exec": { # ExecAction describes a "run in container" action. # One and only one of the following should be specified.
# Exec specifies the action to take.
# +optional
"command": "A String", # Command is the command line to execute inside the container, the working
# directory for the command is root ('/') in the container's filesystem. The
# command is simply exec'd, it is not run inside a shell, so traditional
# shell instructions ('|', etc) won't work. To use a shell, you need to
# explicitly call out to that shell. Exit status of 0 is treated as
# live/healthy and non-zero is unhealthy. +optional
},
},
"periodSeconds": 42, # How often (in seconds) to perform the probe.
# Default to 10 seconds. Minimum value is 1.
# +optional
"successThreshold": 42, # Minimum consecutive successes for the probe to be considered successful
# after having failed. Defaults to 1. Must be 1 for liveness. Minimum value
# is 1. +optional
"failureThreshold": 42, # Minimum consecutive failures for the probe to be considered failed after
# having succeeded. Defaults to 3. Minimum value is 1. +optional
},
"terminationMessagePath": "A String", # Optional: Path at which the file to which the container's termination
# message will be written is mounted into the container's filesystem. Message
# written is intended to be brief final status, such as an assertion failure
# message. Will be truncated by the node if greater than 4096 bytes. The
# total message length across all containers will be limited to 12kb.
# Defaults to /dev/termination-log.
# Cannot be updated.
# +optional
"ports": [ # List of ports to expose from the container. Exposing a port here gives
# the system additional information about the network connections a
# container uses, but is primarily informational. Not specifying a port here
# DOES NOT prevent that port from being exposed. Any port which is
# listening on the default "0.0.0.0" address inside a container will be
# accessible from the network.
# Cannot be updated.
# +optional
{ # ContainerPort represents a network port in a single container.
"protocol": "A String", # Protocol for port. Must be UDP or TCP.
# Defaults to "TCP".
# +optional
"hostIP": "A String", # What host IP to bind the external port to.
# +optional
"containerPort": 42, # Number of port to expose on the pod's IP address.
# This must be a valid port number, 0 < x < 65536.
"name": "A String", # If specified, this must be an IANA_SVC_NAME and unique within the pod. Each
# named port in a pod must have a unique name. Name for the port that can be
# referred to by services.
# +optional
"hostPort": 42, # Number of port to expose on the host.
# If specified, this must be a valid port number, 0 < x < 65536.
# If HostNetwork is specified, this must match ContainerPort.
# Most containers do not need this.
# +optional
},
],
"resources": { # ResourceRequirements describes the compute resource requirements. # Compute Resources required by this container.
# Cannot be updated.
# More info:
# https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources
# +optional
"requests": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
"requestsInMap": { # Requests describes the minimum amount of compute resources required.
# If Requests is omitted for a container, it defaults to Limits if that is
# explicitly specified, otherwise to an implementation-defined value.
# This is a temporary field created to migrate away from the
# map requests field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of requests field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limitsInMap": { # Limits describes the maximum amount of compute resources allowed.
# This is a temporary field created to migrate away from the
# map limits field. This is done to become compliant
# with k8s style API.
# This field is deprecated in favor of limits field.
"a_key": { # The view model of a single quantity, e.g. "800 MiB". Corresponds to
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/generated.proto
"string": "A String", # Stringified version of the quantity, e.g., "800 MiB".
},
},
"limits": { # Limits describes the maximum amount of compute resources allowed.
# The values of the map is string form of the 'quantity' k8s type:
# https://github.com/kubernetes/kubernetes/blob/master/staging/src/k8s.io/apimachinery/pkg/api/resource/quantity.go
"a_key": "A String",
},
},
"workingDir": "A String", # Container's working directory.
# If not specified, the container runtime's default will be used, which
# might be configured in the container image.
# Cannot be updated.
# +optional
},
],
},
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Optional metadata for this Revision, including labels and annotations. Name
# will be generated by the Configuration.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
},
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ObjectMeta is metadata that all persisted resources must have, which includes # Metadata associated with this Configuration, including name, namespace,
# labels, and annotations.
# all objects users must create.
"ownerReferences": [ # List of objects that own this object. If ALL objects in the list have
# been deleted, this object will be garbage collected.
# +optional
{ # OwnerReference contains enough information to let you identify an owning
# object. Currently, an owning object must be in the same namespace, so there
# is no namespace field.
"kind": "A String", # Kind of the referent.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds
"uid": "A String", # UID of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
"apiVersion": "A String", # API version of the referent.
"controller": True or False, # If true, this reference points to the managing controller.
# +optional
"blockOwnerDeletion": True or False, # If true, AND if the owner has the "foregroundDeletion" finalizer, then
# the owner cannot be deleted from the key-value store until this
# reference is removed.
# Defaults to false.
# To set this field, a user needs "delete" permission of the owner,
# otherwise 422 (Unprocessable Entity) will be returned.
# +optional
"name": "A String", # Name of the referent.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
},
],
"name": "A String", # Name must be unique within a namespace, within a Cloud Run region.
# Is required when creating
# resources, although some resources may allow a client to request the
# generation of an appropriate name automatically. Name is primarily intended
# for creation idempotence and configuration definition. Cannot be updated.
# More info: http://kubernetes.io/docs/user-guide/identifiers#names
# +optional
"deletionTimestamp": "A String", # DeletionTimestamp is RFC 3339 date and time at which this resource will be
# deleted. This field is set by the server when a graceful deletion is
# requested by the user, and is not directly settable by a client. The
# resource is expected to be deleted (no longer visible from resource lists,
# and not reachable by name) after the time in this field, once the
# finalizers list is empty. As long as the finalizers list contains items,
# deletion is blocked. Once the deletionTimestamp is set, this value may not
# be unset or be set further into the future, although it may be shortened or
# the resource may be deleted prior to this time. For example, a user may
# request that a pod is deleted in 30 seconds. The Kubelet will react by
# sending a graceful termination signal to the containers in the pod. After
# that 30 seconds, the Kubelet will send a hard termination signal (SIGKILL)
# to the container and after cleanup, remove the pod from the API. In the
# presence of network partitions, this object may still exist after this
# timestamp, until an administrator or automated process can determine the
# resource is fully terminated.
# If not set, graceful deletion of the object has not been requested.
#
# Populated by the system when a graceful deletion is requested.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"clusterName": "A String", # Not currently supported by Cloud Run.
#
# The name of the cluster which the object belongs to.
# This is used to distinguish resources with same name and namespace in
# different clusters. This field is not set anywhere right now and apiserver
# is going to ignore it if set in create or update request. +optional
"deletionGracePeriodSeconds": 42, # Not currently supported by Cloud Run.
#
# Number of seconds allowed for this object to gracefully terminate before
# it will be removed from the system. Only set when deletionTimestamp is also
# set. May only be shortened. Read-only. +optional
"labels": { # Map of string keys and values that can be used to organize and categorize
# (scope and select) objects. May match selectors of replication controllers
# and routes.
# More info: http://kubernetes.io/docs/user-guide/labels
# +optional
"a_key": "A String",
},
"namespace": "A String", # Namespace defines the space within each name must be unique, within a
# Cloud Run region. In Cloud Run the namespace must be equal to either the
# project ID or project number.
"generation": 42, # A sequence number representing a specific generation of the desired state.
# Populated by the system. Read-only.
# +optional
"finalizers": [ # Not currently supported by Cloud Run.
#
# Must be empty before the object is deleted from the registry. Each entry
# is an identifier for the responsible component that will remove the entry
# from the list. If the deletionTimestamp of the object is non-nil, entries
# in this list can only be removed.
# +optional
# +patchStrategy=merge
"A String",
],
"initializers": { # Initializers tracks the progress of initialization. # Not currently supported by Cloud Run.
#
# An initializer is a controller which enforces some system invariant at
# object creation time. This field is a list of initializers that have not
# yet acted on this object. If nil or empty, this object has been completely
# initialized. Otherwise, the object is considered uninitialized and is
# hidden (in list/watch and get calls) from clients that haven't explicitly
# asked to observe uninitialized objects.
#
# When an object is created, the system will populate this list with the
# current set of initializers. Only privileged users may set or modify this
# list. Once it is empty, it may not be modified further by any user.
"pending": [ # Pending is a list of initializers that must execute in order before this
# object is visible. When the last pending initializer is removed, and no
# failing result is set, the initializers struct will be set to nil and the
# object is considered as initialized and visible to all clients.
# +patchMergeKey=name
# +patchStrategy=merge
{ # Initializer is information about an initializer that has not yet completed.
"name": "A String", # name of the process that is responsible for initializing this object.
},
],
},
"resourceVersion": "A String", # An opaque value that represents the internal version of this object that
# can be used by clients to determine when objects have changed. May be used
# for optimistic concurrency, change detection, and the watch operation on a
# resource or set of resources. Clients must treat these values as opaque and
# passed unmodified back to the server. They may only be valid for a
# particular resource or set of resources.
#
# Populated by the system.
# Read-only.
# Value must be treated as opaque by clients and .
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
"generateName": "A String", # Not currently supported by Cloud Run.
#
# GenerateName is an optional prefix, used by the server, to generate a
# unique name ONLY IF the Name field has not been provided. If this field is
# used, the name returned to the client will be different than the name
# passed. This value will also be combined with a unique suffix. The provided
# value has the same validation rules as the Name field, and may be truncated
# by the length of the suffix required to make the value unique on the
# server.
#
# If this field is specified and the generated name exists, the server will
# NOT return a 409 - instead, it will either return 201 Created or 500 with
# Reason ServerTimeout indicating a unique name could not be found in the
# time allotted, and the client should retry (optionally after the time
# indicated in the Retry-After header).
#
# Applied only if Name is not specified.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#idempotency
# +optional
# string generateName = 2;
"creationTimestamp": "A String", # CreationTimestamp is a timestamp representing the server time when this
# object was created. It is not guaranteed to be set in happens-before order
# across separate operations. Clients may not set this value. It is
# represented in RFC3339 form and is in UTC.
#
# Populated by the system.
# Read-only.
# Null for lists.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#metadata
# +optional
"annotations": { # Annotations is an unstructured key value map stored with a resource that
# may be set by external tools to store and retrieve arbitrary metadata. They
# are not queryable and should be preserved when modifying objects. More
# info: http://kubernetes.io/docs/user-guide/annotations +optional
"a_key": "A String",
},
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
# string selfLink = 4;
"uid": "A String", # UID is the unique in time and space value for this object. It is typically
# generated by the server on successful creation of a resource and is not
# allowed to change on PUT operations.
#
# Populated by the system.
# Read-only.
# More info: http://kubernetes.io/docs/user-guide/identifiers#uids
# +optional
},
},
],
"apiVersion": "A String", # The API version for this call such as "v1alpha1".
"metadata": { # ListMeta describes metadata that synthetic resources must have, including # Metadata associated with this Configuration list.
# lists and various status objects. A resource may have only one of
# {ObjectMeta, ListMeta}.
"continue": "A String", # continue may be set if the user set a limit on the number of items
# returned, and indicates that the server has more data available. The value
# is opaque and may be used to issue another request to the endpoint that
# served this list to retrieve the next set of available objects. Continuing
# a list may not be possible if the server configuration has changed or more
# than a few minutes have passed. The resourceVersion field returned when
# using this continue value will be identical to the value in the first
# response.
"selfLink": "A String", # SelfLink is a URL representing this object.
# Populated by the system.
# Read-only.
# +optional
"resourceVersion": "A String", # String that identifies the server's internal version of this object that
# can be used by clients to determine when objects have changed. Value must
# be treated as opaque by clients and passed unmodified back to the server.
# Populated by the system.
# Read-only.
# More info:
# https://git.k8s.io/community/contributors/devel/api-conventions.md#concurrency-control-and-consistency
# +optional
},
}