diff --git a/python/proto/gkehub/alpha/feature_membership.proto b/python/proto/gkehub/alpha/feature_membership.proto index 231d2ecb26..78d278920e 100755 --- a/python/proto/gkehub/alpha/feature_membership.proto +++ b/python/proto/gkehub/alpha/feature_membership.proto @@ -99,9 +99,10 @@ message GkehubAlphaFeatureMembershipConfigmanagement { message GkehubAlphaFeatureMembershipConfigmanagementConfigSync { GkehubAlphaFeatureMembershipConfigmanagementConfigSyncGit git = 1; string source_format = 2; - bool prevent_drift = 3; - string metrics_gcp_service_account_email = 4; - GkehubAlphaFeatureMembershipConfigmanagementConfigSyncOci oci = 5; + bool enabled = 3; + bool prevent_drift = 4; + string metrics_gcp_service_account_email = 5; + GkehubAlphaFeatureMembershipConfigmanagementConfigSyncOci oci = 6; } message GkehubAlphaFeatureMembershipConfigmanagementConfigSyncGit { diff --git a/python/proto/gkehub/beta/feature_membership.proto b/python/proto/gkehub/beta/feature_membership.proto index ded68754bd..d429ae6b65 100755 --- a/python/proto/gkehub/beta/feature_membership.proto +++ b/python/proto/gkehub/beta/feature_membership.proto @@ -99,9 +99,10 @@ message GkehubBetaFeatureMembershipConfigmanagement { message GkehubBetaFeatureMembershipConfigmanagementConfigSync { GkehubBetaFeatureMembershipConfigmanagementConfigSyncGit git = 1; string source_format = 2; - bool prevent_drift = 3; - string metrics_gcp_service_account_email = 4; - GkehubBetaFeatureMembershipConfigmanagementConfigSyncOci oci = 5; + bool enabled = 3; + bool prevent_drift = 4; + string metrics_gcp_service_account_email = 5; + GkehubBetaFeatureMembershipConfigmanagementConfigSyncOci oci = 6; } message GkehubBetaFeatureMembershipConfigmanagementConfigSyncGit { diff --git a/python/proto/gkehub/feature_membership.proto b/python/proto/gkehub/feature_membership.proto index 6e727cc07a..7a12691028 100755 --- a/python/proto/gkehub/feature_membership.proto +++ b/python/proto/gkehub/feature_membership.proto @@ -99,9 +99,10 @@ message GkehubFeatureMembershipConfigmanagement { message GkehubFeatureMembershipConfigmanagementConfigSync { GkehubFeatureMembershipConfigmanagementConfigSyncGit git = 1; string source_format = 2; - bool prevent_drift = 3; - string metrics_gcp_service_account_email = 4; - GkehubFeatureMembershipConfigmanagementConfigSyncOci oci = 5; + bool enabled = 3; + bool prevent_drift = 4; + string metrics_gcp_service_account_email = 5; + GkehubFeatureMembershipConfigmanagementConfigSyncOci oci = 6; } message GkehubFeatureMembershipConfigmanagementConfigSyncGit { diff --git a/python/services/gkehub/alpha/feature_membership.py b/python/services/gkehub/alpha/feature_membership.py index 7f9df42623..481f5ed636 100755 --- a/python/services/gkehub/alpha/feature_membership.py +++ b/python/services/gkehub/alpha/feature_membership.py @@ -335,12 +335,14 @@ def __init__( self, git: dict = None, source_format: str = None, + enabled: bool = None, prevent_drift: bool = None, metrics_gcp_service_account_email: str = None, oci: dict = None, ): self.git = git self.source_format = source_format + self.enabled = enabled self.prevent_drift = prevent_drift self.metrics_gcp_service_account_email = metrics_gcp_service_account_email self.oci = oci @@ -361,6 +363,8 @@ def to_proto(self, resource): res.ClearField("git") if Primitive.to_proto(resource.source_format): res.source_format = Primitive.to_proto(resource.source_format) + if Primitive.to_proto(resource.enabled): + res.enabled = Primitive.to_proto(resource.enabled) if Primitive.to_proto(resource.prevent_drift): res.prevent_drift = Primitive.to_proto(resource.prevent_drift) if Primitive.to_proto(resource.metrics_gcp_service_account_email): @@ -383,6 +387,7 @@ def from_proto(self, resource): return FeatureMembershipConfigmanagementConfigSync( git=FeatureMembershipConfigmanagementConfigSyncGit.from_proto(resource.git), source_format=Primitive.from_proto(resource.source_format), + enabled=Primitive.from_proto(resource.enabled), prevent_drift=Primitive.from_proto(resource.prevent_drift), metrics_gcp_service_account_email=Primitive.from_proto( resource.metrics_gcp_service_account_email diff --git a/python/services/gkehub/alpha/feature_membership_server.go b/python/services/gkehub/alpha/feature_membership_server.go index 63f286da56..95986004ed 100755 --- a/python/services/gkehub/alpha/feature_membership_server.go +++ b/python/services/gkehub/alpha/feature_membership_server.go @@ -143,6 +143,7 @@ func ProtoToGkehubAlphaFeatureMembershipConfigmanagementConfigSync(p *alphapb.Gk obj := &alpha.FeatureMembershipConfigmanagementConfigSync{ Git: ProtoToGkehubAlphaFeatureMembershipConfigmanagementConfigSyncGit(p.GetGit()), SourceFormat: dcl.StringOrNil(p.GetSourceFormat()), + Enabled: dcl.Bool(p.GetEnabled()), PreventDrift: dcl.Bool(p.GetPreventDrift()), MetricsGcpServiceAccountEmail: dcl.StringOrNil(p.GetMetricsGcpServiceAccountEmail()), Oci: ProtoToGkehubAlphaFeatureMembershipConfigmanagementConfigSyncOci(p.GetOci()), @@ -509,6 +510,7 @@ func GkehubAlphaFeatureMembershipConfigmanagementConfigSyncToProto(o *alpha.Feat p := &alphapb.GkehubAlphaFeatureMembershipConfigmanagementConfigSync{} p.SetGit(GkehubAlphaFeatureMembershipConfigmanagementConfigSyncGitToProto(o.Git)) p.SetSourceFormat(dcl.ValueOrEmptyString(o.SourceFormat)) + p.SetEnabled(dcl.ValueOrEmptyBool(o.Enabled)) p.SetPreventDrift(dcl.ValueOrEmptyBool(o.PreventDrift)) p.SetMetricsGcpServiceAccountEmail(dcl.ValueOrEmptyString(o.MetricsGcpServiceAccountEmail)) p.SetOci(GkehubAlphaFeatureMembershipConfigmanagementConfigSyncOciToProto(o.Oci)) diff --git a/python/services/gkehub/beta/feature_membership.py b/python/services/gkehub/beta/feature_membership.py index cb3cfab921..e086057c2f 100755 --- a/python/services/gkehub/beta/feature_membership.py +++ b/python/services/gkehub/beta/feature_membership.py @@ -335,12 +335,14 @@ def __init__( self, git: dict = None, source_format: str = None, + enabled: bool = None, prevent_drift: bool = None, metrics_gcp_service_account_email: str = None, oci: dict = None, ): self.git = git self.source_format = source_format + self.enabled = enabled self.prevent_drift = prevent_drift self.metrics_gcp_service_account_email = metrics_gcp_service_account_email self.oci = oci @@ -361,6 +363,8 @@ def to_proto(self, resource): res.ClearField("git") if Primitive.to_proto(resource.source_format): res.source_format = Primitive.to_proto(resource.source_format) + if Primitive.to_proto(resource.enabled): + res.enabled = Primitive.to_proto(resource.enabled) if Primitive.to_proto(resource.prevent_drift): res.prevent_drift = Primitive.to_proto(resource.prevent_drift) if Primitive.to_proto(resource.metrics_gcp_service_account_email): @@ -383,6 +387,7 @@ def from_proto(self, resource): return FeatureMembershipConfigmanagementConfigSync( git=FeatureMembershipConfigmanagementConfigSyncGit.from_proto(resource.git), source_format=Primitive.from_proto(resource.source_format), + enabled=Primitive.from_proto(resource.enabled), prevent_drift=Primitive.from_proto(resource.prevent_drift), metrics_gcp_service_account_email=Primitive.from_proto( resource.metrics_gcp_service_account_email diff --git a/python/services/gkehub/beta/feature_membership_server.go b/python/services/gkehub/beta/feature_membership_server.go index 04636dbea1..e58b3e11d8 100755 --- a/python/services/gkehub/beta/feature_membership_server.go +++ b/python/services/gkehub/beta/feature_membership_server.go @@ -143,6 +143,7 @@ func ProtoToGkehubBetaFeatureMembershipConfigmanagementConfigSync(p *betapb.Gkeh obj := &beta.FeatureMembershipConfigmanagementConfigSync{ Git: ProtoToGkehubBetaFeatureMembershipConfigmanagementConfigSyncGit(p.GetGit()), SourceFormat: dcl.StringOrNil(p.GetSourceFormat()), + Enabled: dcl.Bool(p.GetEnabled()), PreventDrift: dcl.Bool(p.GetPreventDrift()), MetricsGcpServiceAccountEmail: dcl.StringOrNil(p.GetMetricsGcpServiceAccountEmail()), Oci: ProtoToGkehubBetaFeatureMembershipConfigmanagementConfigSyncOci(p.GetOci()), @@ -509,6 +510,7 @@ func GkehubBetaFeatureMembershipConfigmanagementConfigSyncToProto(o *beta.Featur p := &betapb.GkehubBetaFeatureMembershipConfigmanagementConfigSync{} p.SetGit(GkehubBetaFeatureMembershipConfigmanagementConfigSyncGitToProto(o.Git)) p.SetSourceFormat(dcl.ValueOrEmptyString(o.SourceFormat)) + p.SetEnabled(dcl.ValueOrEmptyBool(o.Enabled)) p.SetPreventDrift(dcl.ValueOrEmptyBool(o.PreventDrift)) p.SetMetricsGcpServiceAccountEmail(dcl.ValueOrEmptyString(o.MetricsGcpServiceAccountEmail)) p.SetOci(GkehubBetaFeatureMembershipConfigmanagementConfigSyncOciToProto(o.Oci)) diff --git a/python/services/gkehub/feature_membership.py b/python/services/gkehub/feature_membership.py index 9a3ce3946c..1a9f7a804a 100755 --- a/python/services/gkehub/feature_membership.py +++ b/python/services/gkehub/feature_membership.py @@ -335,12 +335,14 @@ def __init__( self, git: dict = None, source_format: str = None, + enabled: bool = None, prevent_drift: bool = None, metrics_gcp_service_account_email: str = None, oci: dict = None, ): self.git = git self.source_format = source_format + self.enabled = enabled self.prevent_drift = prevent_drift self.metrics_gcp_service_account_email = metrics_gcp_service_account_email self.oci = oci @@ -359,6 +361,8 @@ def to_proto(self, resource): res.ClearField("git") if Primitive.to_proto(resource.source_format): res.source_format = Primitive.to_proto(resource.source_format) + if Primitive.to_proto(resource.enabled): + res.enabled = Primitive.to_proto(resource.enabled) if Primitive.to_proto(resource.prevent_drift): res.prevent_drift = Primitive.to_proto(resource.prevent_drift) if Primitive.to_proto(resource.metrics_gcp_service_account_email): @@ -381,6 +385,7 @@ def from_proto(self, resource): return FeatureMembershipConfigmanagementConfigSync( git=FeatureMembershipConfigmanagementConfigSyncGit.from_proto(resource.git), source_format=Primitive.from_proto(resource.source_format), + enabled=Primitive.from_proto(resource.enabled), prevent_drift=Primitive.from_proto(resource.prevent_drift), metrics_gcp_service_account_email=Primitive.from_proto( resource.metrics_gcp_service_account_email diff --git a/python/services/gkehub/feature_membership_server.go b/python/services/gkehub/feature_membership_server.go index b6db4bf27c..9d58b2b207 100755 --- a/python/services/gkehub/feature_membership_server.go +++ b/python/services/gkehub/feature_membership_server.go @@ -143,6 +143,7 @@ func ProtoToGkehubFeatureMembershipConfigmanagementConfigSync(p *gkehubpb.Gkehub obj := &gkehub.FeatureMembershipConfigmanagementConfigSync{ Git: ProtoToGkehubFeatureMembershipConfigmanagementConfigSyncGit(p.GetGit()), SourceFormat: dcl.StringOrNil(p.GetSourceFormat()), + Enabled: dcl.Bool(p.GetEnabled()), PreventDrift: dcl.Bool(p.GetPreventDrift()), MetricsGcpServiceAccountEmail: dcl.StringOrNil(p.GetMetricsGcpServiceAccountEmail()), Oci: ProtoToGkehubFeatureMembershipConfigmanagementConfigSyncOci(p.GetOci()), @@ -509,6 +510,7 @@ func GkehubFeatureMembershipConfigmanagementConfigSyncToProto(o *gkehub.FeatureM p := &gkehubpb.GkehubFeatureMembershipConfigmanagementConfigSync{} p.SetGit(GkehubFeatureMembershipConfigmanagementConfigSyncGitToProto(o.Git)) p.SetSourceFormat(dcl.ValueOrEmptyString(o.SourceFormat)) + p.SetEnabled(dcl.ValueOrEmptyBool(o.Enabled)) p.SetPreventDrift(dcl.ValueOrEmptyBool(o.PreventDrift)) p.SetMetricsGcpServiceAccountEmail(dcl.ValueOrEmptyString(o.MetricsGcpServiceAccountEmail)) p.SetOci(GkehubFeatureMembershipConfigmanagementConfigSyncOciToProto(o.Oci)) diff --git a/services/google/gkehub/alpha/feature_membership.go b/services/google/gkehub/alpha/feature_membership.go index 43d5e738a7..f75c5c2415 100755 --- a/services/google/gkehub/alpha/feature_membership.go +++ b/services/google/gkehub/alpha/feature_membership.go @@ -338,6 +338,7 @@ type FeatureMembershipConfigmanagementConfigSync struct { empty bool `json:"-"` Git *FeatureMembershipConfigmanagementConfigSyncGit `json:"git"` SourceFormat *string `json:"sourceFormat"` + Enabled *bool `json:"enabled"` PreventDrift *bool `json:"preventDrift"` MetricsGcpServiceAccountEmail *string `json:"metricsGcpServiceAccountEmail"` Oci *FeatureMembershipConfigmanagementConfigSyncOci `json:"oci"` @@ -362,6 +363,8 @@ func (r *FeatureMembershipConfigmanagementConfigSync) UnmarshalJSON(data []byte) r.SourceFormat = res.SourceFormat + r.Enabled = res.Enabled + r.PreventDrift = res.PreventDrift r.MetricsGcpServiceAccountEmail = res.MetricsGcpServiceAccountEmail diff --git a/services/google/gkehub/alpha/feature_membership.yaml b/services/google/gkehub/alpha/feature_membership.yaml index 69064f1b40..d305078c95 100755 --- a/services/google/gkehub/alpha/feature_membership.yaml +++ b/services/google/gkehub/alpha/feature_membership.yaml @@ -110,6 +110,15 @@ components: description: Config Sync configuration for the cluster. x-dcl-send-empty: true properties: + enabled: + type: boolean + x-dcl-go-name: Enabled + description: Enables the installation of ConfigSync. If set to true, + ConfigSync resources will be created and the other ConfigSync + fields will be applied if exist. If set to false, all other ConfigSync + fields will be ignored, ConfigSync resources will be deleted. + If omitted, ConfigSync resources will be managed depends on the + presence of the git or oci field. git: type: object x-dcl-go-name: Git diff --git a/services/google/gkehub/alpha/feature_membership_alpha_yaml_embed.go b/services/google/gkehub/alpha/feature_membership_alpha_yaml_embed.go index 41657b68da..be71158995 100755 --- a/services/google/gkehub/alpha/feature_membership_alpha_yaml_embed.go +++ b/services/google/gkehub/alpha/feature_membership_alpha_yaml_embed.go @@ -17,7 +17,7 @@ package alpha // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/gkehub/alpha/feature_membership.yaml -var YAML_feature_membership = []byte("info:\n title: GkeHub/FeatureMembership\n description: The GkeHub FeatureMembership resource\n x-dcl-struct-name: FeatureMembership\n x-dcl-has-iam: false\n x-dcl-mutex: '{{project}}/{{location}}/{{feature}}'\npaths:\n get:\n description: The function used to get information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n apply:\n description: The function used to apply information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n delete:\n description: The function used to delete a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n deleteAll:\n description: The function used to delete all FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n FeatureMembership:\n title: FeatureMembership\n x-dcl-id: projects/{{project}}/locations/{{location}}/features/{{feature}}/memberships/{{membership}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - project\n - location\n - feature\n - membership\n properties:\n configmanagement:\n type: object\n x-dcl-go-name: Configmanagement\n x-dcl-go-type: FeatureMembershipConfigmanagement\n description: Config Management-specific spec.\n properties:\n binauthz:\n type: object\n x-dcl-go-name: Binauthz\n x-dcl-go-type: FeatureMembershipConfigmanagementBinauthz\n description: '**DEPRECATED** Binauthz configuration for the cluster.\n This field will be ignored and should not be set.'\n x-dcl-server-default: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether binauthz is enabled in this cluster.\n x-dcl-parameter: true\n configSync:\n type: object\n x-dcl-go-name: ConfigSync\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSync\n description: Config Sync configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n git:\n type: object\n x-dcl-go-name: Git\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncGit\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: The GCP Service Account Email used for auth when\n secretType is gcpServiceAccount.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n httpsProxy:\n type: string\n x-dcl-go-name: HttpsProxy\n description: URL for the HTTPS proxy to be used when communicating\n with the Git repo.\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The path within the Git repository that represents\n the top level of the repo to sync. Default: the root directory\n of the repository.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the Git\n repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount\n or none. The validation of this is case-sensitive.\n syncBranch:\n type: string\n x-dcl-go-name: SyncBranch\n description: 'The branch of the repository to sync from. Default:\n master.'\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The URL of the Git repository to use as the source\n of truth.\n syncRev:\n type: string\n x-dcl-go-name: SyncRev\n description: Git revision (tag or hash) to check out. Default\n HEAD.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds between consecutive syncs. Default:\n 15.'\n metricsGcpServiceAccountEmail:\n type: string\n x-dcl-go-name: MetricsGcpServiceAccountEmail\n description: The Email of the Google Cloud Service Account (GSA)\n used for exporting Config Sync metrics to Cloud Monitoring. The\n GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter)\n IAM role. The Kubernetes ServiceAccount `default` in the namespace\n `config-management-monitoring` should be bound to the GSA.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n oci:\n type: object\n x-dcl-go-name: Oci\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncOci\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: 'The GCP Service Account Email used for auth when\n secret_type is gcpserviceaccount. '\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The absolute path of the directory that contains\n the local resources. Default: the root directory of the image.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the OCI\n Image. Must be one of gcenode, gcpserviceaccount or none.\n The validation of this is case-sensitive.\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The OCI image repository URL for the package to\n sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds(int64 format) between consecutive\n syncs. Default: 15.'\n preventDrift:\n type: boolean\n x-dcl-go-name: PreventDrift\n description: Set to true to enable the Config Sync admission webhook\n to prevent drifts. If set to `false`, disables the Config Sync\n admission webhook and does not prevent drifts.\n x-dcl-server-default: true\n sourceFormat:\n type: string\n x-dcl-go-name: SourceFormat\n description: Specifies whether the Config Sync Repo is in \"hierarchical\"\n or \"unstructured\" mode.\n hierarchyController:\n type: object\n x-dcl-go-name: HierarchyController\n x-dcl-go-type: FeatureMembershipConfigmanagementHierarchyController\n description: Hierarchy Controller configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enableHierarchicalResourceQuota:\n type: boolean\n x-dcl-go-name: EnableHierarchicalResourceQuota\n description: Whether hierarchical resource quota is enabled in this\n cluster.\n x-dcl-send-empty: true\n enablePodTreeLabels:\n type: boolean\n x-dcl-go-name: EnablePodTreeLabels\n description: Whether pod tree labels are enabled in this cluster.\n x-dcl-send-empty: true\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether Hierarchy Controller is enabled in this cluster.\n x-dcl-send-empty: true\n policyController:\n type: object\n x-dcl-go-name: PolicyController\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyController\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: string\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of Policy Controller. If false,\n the rest of PolicyController fields take no effect.\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enable or disable mutation in policy controller. If\n true, mutation CRDs, webhook and controller deployment will be\n deployed to the cluster.\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n templateLibraryInstalled:\n type: boolean\n x-dcl-go-name: TemplateLibraryInstalled\n description: Installs the default template library along with Policy\n Controller.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of ACM to install. Defaults to the latest\n version.\n x-dcl-server-default: true\n feature:\n type: string\n x-dcl-go-name: Feature\n description: The name of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Feature\n field: name\n parent: true\n x-dcl-parameter: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location of the feature\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n membership:\n type: string\n x-dcl-go-name: Membership\n description: The name of the membership\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Membership\n field: name\n x-dcl-parameter: true\n membershipLocation:\n type: string\n x-dcl-go-name: MembershipLocation\n description: The location of the membership\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n mesh:\n type: object\n x-dcl-go-name: Mesh\n x-dcl-go-type: FeatureMembershipMesh\n description: Manage Mesh Features\n properties:\n controlPlane:\n type: string\n x-dcl-go-name: ControlPlane\n x-dcl-go-type: FeatureMembershipMeshControlPlaneEnum\n description: '**DEPRECATED** Whether to automatically manage Service\n Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED,\n AUTOMATIC, MANUAL'\n enum:\n - CONTROL_PLANE_MANAGEMENT_UNSPECIFIED\n - AUTOMATIC\n - MANUAL\n management:\n type: string\n x-dcl-go-name: Management\n x-dcl-go-type: FeatureMembershipMeshManagementEnum\n description: 'Whether to automatically manage Service Mesh. Possible\n values: MANAGEMENT_UNSPECIFIED, MANAGEMENT_AUTOMATIC, MANAGEMENT_MANUAL'\n enum:\n - MANAGEMENT_UNSPECIFIED\n - MANAGEMENT_AUTOMATIC\n - MANAGEMENT_MANUAL\n policycontroller:\n type: object\n x-dcl-go-name: Policycontroller\n x-dcl-go-type: FeatureMembershipPolicycontroller\n description: Policy Controller-specific spec.\n required:\n - policyControllerHubConfig\n properties:\n policyControllerHubConfig:\n type: object\n x-dcl-go-name: PolicyControllerHubConfig\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfig\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: integer\n format: int64\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n constraintViolationLimit:\n type: integer\n format: int64\n x-dcl-go-name: ConstraintViolationLimit\n description: The maximum number of audit violations to be stored\n in a constraint. If not set, the internal default of 20 will be\n used.\n deploymentConfigs:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigs\n properties:\n containerResources:\n type: object\n x-dcl-go-name: ContainerResources\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResources\n description: Container resource requirements.\n x-dcl-conflicts:\n - replicaCount\n - podAffinity\n - podTolerations\n properties:\n limits:\n type: object\n x-dcl-go-name: Limits\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesLimits\n description: Limits describes the maximum amount of compute\n resources allowed for use by the running container.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n requests:\n type: object\n x-dcl-go-name: Requests\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesRequests\n description: Requests describes the amount of compute\n resources reserved for the container by the kube-scheduler.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n podAffinity:\n type: string\n x-dcl-go-name: PodAffinity\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodAffinityEnum\n description: 'Pod affinity configuration. Possible values:\n AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY'\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podTolerations\n enum:\n - AFFINITY_UNSPECIFIED\n - NO_AFFINITY\n - ANTI_AFFINITY\n podTolerations:\n type: array\n x-dcl-go-name: PodTolerations\n description: Pod tolerations of node taints.\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podAffinity\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodTolerations\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n description: Matches a taint effect.\n key:\n type: string\n x-dcl-go-name: Key\n description: Matches a taint key (not necessarily unique).\n operator:\n type: string\n x-dcl-go-name: Operator\n description: Matches a taint operator.\n value:\n type: string\n x-dcl-go-name: Value\n description: Matches a taint value.\n replicaCount:\n type: integer\n format: int64\n x-dcl-go-name: ReplicaCount\n description: Pod replica count.\n x-dcl-conflicts:\n - containerResources\n - podAffinity\n - podTolerations\n x-dcl-go-name: DeploymentConfigs\n description: Map of deployment configs to deployments (\"admission\",\n \"audit\", \"mutation\").\n x-dcl-server-default: true\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n installSpec:\n type: string\n x-dcl-go-name: InstallSpec\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigInstallSpecEnum\n description: 'Configures the mode of the Policy Controller installation.\n Possible values: INSTALL_SPEC_UNSPECIFIED, INSTALL_SPEC_NOT_INSTALLED,\n INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED, INSTALL_SPEC_DETACHED'\n enum:\n - INSTALL_SPEC_UNSPECIFIED\n - INSTALL_SPEC_NOT_INSTALLED\n - INSTALL_SPEC_ENABLED\n - INSTALL_SPEC_SUSPENDED\n - INSTALL_SPEC_DETACHED\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enables the ability to mutate resources using Policy\n Controller.\n policyContent:\n type: object\n x-dcl-go-name: PolicyContent\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent\n description: Specifies the desired policy content on the cluster.\n x-dcl-server-default: true\n properties:\n bundles:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundles\n properties:\n exemptedNamespaces:\n type: array\n x-dcl-go-name: ExemptedNamespaces\n description: The set of namespaces to be exempted from\n the bundle.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n x-dcl-go-name: Bundles\n description: map of bundle name to BundleInstallSpec. The bundle\n name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData`\n annotation on a constraint.\n templateLibrary:\n type: object\n x-dcl-go-name: TemplateLibrary\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary\n description: Configures the installation of the Template Library.\n x-dcl-server-default: true\n properties:\n installation:\n type: string\n x-dcl-go-name: Installation\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryInstallationEnum\n description: 'Configures the manner in which the template\n library is installed on the cluster. Possible values:\n INSTALLATION_UNSPECIFIED, NOT_INSTALLED, ALL'\n enum:\n - INSTALLATION_UNSPECIFIED\n - NOT_INSTALLED\n - ALL\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of Policy Controller to install. Defaults\n to the latest version.\n x-dcl-server-default: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n") +var YAML_feature_membership = []byte("info:\n title: GkeHub/FeatureMembership\n description: The GkeHub FeatureMembership resource\n x-dcl-struct-name: FeatureMembership\n x-dcl-has-iam: false\n x-dcl-mutex: '{{project}}/{{location}}/{{feature}}'\npaths:\n get:\n description: The function used to get information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n apply:\n description: The function used to apply information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n delete:\n description: The function used to delete a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n deleteAll:\n description: The function used to delete all FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n FeatureMembership:\n title: FeatureMembership\n x-dcl-id: projects/{{project}}/locations/{{location}}/features/{{feature}}/memberships/{{membership}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - project\n - location\n - feature\n - membership\n properties:\n configmanagement:\n type: object\n x-dcl-go-name: Configmanagement\n x-dcl-go-type: FeatureMembershipConfigmanagement\n description: Config Management-specific spec.\n properties:\n binauthz:\n type: object\n x-dcl-go-name: Binauthz\n x-dcl-go-type: FeatureMembershipConfigmanagementBinauthz\n description: '**DEPRECATED** Binauthz configuration for the cluster.\n This field will be ignored and should not be set.'\n x-dcl-server-default: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether binauthz is enabled in this cluster.\n x-dcl-parameter: true\n configSync:\n type: object\n x-dcl-go-name: ConfigSync\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSync\n description: Config Sync configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of ConfigSync. If set to true,\n ConfigSync resources will be created and the other ConfigSync\n fields will be applied if exist. If set to false, all other ConfigSync\n fields will be ignored, ConfigSync resources will be deleted.\n If omitted, ConfigSync resources will be managed depends on the\n presence of the git or oci field.\n git:\n type: object\n x-dcl-go-name: Git\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncGit\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: The GCP Service Account Email used for auth when\n secretType is gcpServiceAccount.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n httpsProxy:\n type: string\n x-dcl-go-name: HttpsProxy\n description: URL for the HTTPS proxy to be used when communicating\n with the Git repo.\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The path within the Git repository that represents\n the top level of the repo to sync. Default: the root directory\n of the repository.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the Git\n repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount\n or none. The validation of this is case-sensitive.\n syncBranch:\n type: string\n x-dcl-go-name: SyncBranch\n description: 'The branch of the repository to sync from. Default:\n master.'\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The URL of the Git repository to use as the source\n of truth.\n syncRev:\n type: string\n x-dcl-go-name: SyncRev\n description: Git revision (tag or hash) to check out. Default\n HEAD.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds between consecutive syncs. Default:\n 15.'\n metricsGcpServiceAccountEmail:\n type: string\n x-dcl-go-name: MetricsGcpServiceAccountEmail\n description: The Email of the Google Cloud Service Account (GSA)\n used for exporting Config Sync metrics to Cloud Monitoring. The\n GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter)\n IAM role. The Kubernetes ServiceAccount `default` in the namespace\n `config-management-monitoring` should be bound to the GSA.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n oci:\n type: object\n x-dcl-go-name: Oci\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncOci\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: 'The GCP Service Account Email used for auth when\n secret_type is gcpserviceaccount. '\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The absolute path of the directory that contains\n the local resources. Default: the root directory of the image.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the OCI\n Image. Must be one of gcenode, gcpserviceaccount or none.\n The validation of this is case-sensitive.\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The OCI image repository URL for the package to\n sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds(int64 format) between consecutive\n syncs. Default: 15.'\n preventDrift:\n type: boolean\n x-dcl-go-name: PreventDrift\n description: Set to true to enable the Config Sync admission webhook\n to prevent drifts. If set to `false`, disables the Config Sync\n admission webhook and does not prevent drifts.\n x-dcl-server-default: true\n sourceFormat:\n type: string\n x-dcl-go-name: SourceFormat\n description: Specifies whether the Config Sync Repo is in \"hierarchical\"\n or \"unstructured\" mode.\n hierarchyController:\n type: object\n x-dcl-go-name: HierarchyController\n x-dcl-go-type: FeatureMembershipConfigmanagementHierarchyController\n description: Hierarchy Controller configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enableHierarchicalResourceQuota:\n type: boolean\n x-dcl-go-name: EnableHierarchicalResourceQuota\n description: Whether hierarchical resource quota is enabled in this\n cluster.\n x-dcl-send-empty: true\n enablePodTreeLabels:\n type: boolean\n x-dcl-go-name: EnablePodTreeLabels\n description: Whether pod tree labels are enabled in this cluster.\n x-dcl-send-empty: true\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether Hierarchy Controller is enabled in this cluster.\n x-dcl-send-empty: true\n policyController:\n type: object\n x-dcl-go-name: PolicyController\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyController\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: string\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of Policy Controller. If false,\n the rest of PolicyController fields take no effect.\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enable or disable mutation in policy controller. If\n true, mutation CRDs, webhook and controller deployment will be\n deployed to the cluster.\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n templateLibraryInstalled:\n type: boolean\n x-dcl-go-name: TemplateLibraryInstalled\n description: Installs the default template library along with Policy\n Controller.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of ACM to install. Defaults to the latest\n version.\n x-dcl-server-default: true\n feature:\n type: string\n x-dcl-go-name: Feature\n description: The name of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Feature\n field: name\n parent: true\n x-dcl-parameter: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location of the feature\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n membership:\n type: string\n x-dcl-go-name: Membership\n description: The name of the membership\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Membership\n field: name\n x-dcl-parameter: true\n membershipLocation:\n type: string\n x-dcl-go-name: MembershipLocation\n description: The location of the membership\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n mesh:\n type: object\n x-dcl-go-name: Mesh\n x-dcl-go-type: FeatureMembershipMesh\n description: Manage Mesh Features\n properties:\n controlPlane:\n type: string\n x-dcl-go-name: ControlPlane\n x-dcl-go-type: FeatureMembershipMeshControlPlaneEnum\n description: '**DEPRECATED** Whether to automatically manage Service\n Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED,\n AUTOMATIC, MANUAL'\n enum:\n - CONTROL_PLANE_MANAGEMENT_UNSPECIFIED\n - AUTOMATIC\n - MANUAL\n management:\n type: string\n x-dcl-go-name: Management\n x-dcl-go-type: FeatureMembershipMeshManagementEnum\n description: 'Whether to automatically manage Service Mesh. Possible\n values: MANAGEMENT_UNSPECIFIED, MANAGEMENT_AUTOMATIC, MANAGEMENT_MANUAL'\n enum:\n - MANAGEMENT_UNSPECIFIED\n - MANAGEMENT_AUTOMATIC\n - MANAGEMENT_MANUAL\n policycontroller:\n type: object\n x-dcl-go-name: Policycontroller\n x-dcl-go-type: FeatureMembershipPolicycontroller\n description: Policy Controller-specific spec.\n required:\n - policyControllerHubConfig\n properties:\n policyControllerHubConfig:\n type: object\n x-dcl-go-name: PolicyControllerHubConfig\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfig\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: integer\n format: int64\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n constraintViolationLimit:\n type: integer\n format: int64\n x-dcl-go-name: ConstraintViolationLimit\n description: The maximum number of audit violations to be stored\n in a constraint. If not set, the internal default of 20 will be\n used.\n deploymentConfigs:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigs\n properties:\n containerResources:\n type: object\n x-dcl-go-name: ContainerResources\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResources\n description: Container resource requirements.\n x-dcl-conflicts:\n - replicaCount\n - podAffinity\n - podTolerations\n properties:\n limits:\n type: object\n x-dcl-go-name: Limits\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesLimits\n description: Limits describes the maximum amount of compute\n resources allowed for use by the running container.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n requests:\n type: object\n x-dcl-go-name: Requests\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesRequests\n description: Requests describes the amount of compute\n resources reserved for the container by the kube-scheduler.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n podAffinity:\n type: string\n x-dcl-go-name: PodAffinity\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodAffinityEnum\n description: 'Pod affinity configuration. Possible values:\n AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY'\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podTolerations\n enum:\n - AFFINITY_UNSPECIFIED\n - NO_AFFINITY\n - ANTI_AFFINITY\n podTolerations:\n type: array\n x-dcl-go-name: PodTolerations\n description: Pod tolerations of node taints.\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podAffinity\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodTolerations\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n description: Matches a taint effect.\n key:\n type: string\n x-dcl-go-name: Key\n description: Matches a taint key (not necessarily unique).\n operator:\n type: string\n x-dcl-go-name: Operator\n description: Matches a taint operator.\n value:\n type: string\n x-dcl-go-name: Value\n description: Matches a taint value.\n replicaCount:\n type: integer\n format: int64\n x-dcl-go-name: ReplicaCount\n description: Pod replica count.\n x-dcl-conflicts:\n - containerResources\n - podAffinity\n - podTolerations\n x-dcl-go-name: DeploymentConfigs\n description: Map of deployment configs to deployments (\"admission\",\n \"audit\", \"mutation\").\n x-dcl-server-default: true\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n installSpec:\n type: string\n x-dcl-go-name: InstallSpec\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigInstallSpecEnum\n description: 'Configures the mode of the Policy Controller installation.\n Possible values: INSTALL_SPEC_UNSPECIFIED, INSTALL_SPEC_NOT_INSTALLED,\n INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED, INSTALL_SPEC_DETACHED'\n enum:\n - INSTALL_SPEC_UNSPECIFIED\n - INSTALL_SPEC_NOT_INSTALLED\n - INSTALL_SPEC_ENABLED\n - INSTALL_SPEC_SUSPENDED\n - INSTALL_SPEC_DETACHED\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enables the ability to mutate resources using Policy\n Controller.\n policyContent:\n type: object\n x-dcl-go-name: PolicyContent\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent\n description: Specifies the desired policy content on the cluster.\n x-dcl-server-default: true\n properties:\n bundles:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundles\n properties:\n exemptedNamespaces:\n type: array\n x-dcl-go-name: ExemptedNamespaces\n description: The set of namespaces to be exempted from\n the bundle.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n x-dcl-go-name: Bundles\n description: map of bundle name to BundleInstallSpec. The bundle\n name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData`\n annotation on a constraint.\n templateLibrary:\n type: object\n x-dcl-go-name: TemplateLibrary\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary\n description: Configures the installation of the Template Library.\n x-dcl-server-default: true\n properties:\n installation:\n type: string\n x-dcl-go-name: Installation\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryInstallationEnum\n description: 'Configures the manner in which the template\n library is installed on the cluster. Possible values:\n INSTALLATION_UNSPECIFIED, NOT_INSTALLED, ALL'\n enum:\n - INSTALLATION_UNSPECIFIED\n - NOT_INSTALLED\n - ALL\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of Policy Controller to install. Defaults\n to the latest version.\n x-dcl-server-default: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n") -// 29568 bytes -// MD5: 6b8ad44a9f3a7ea167a5688797017807 +// 30146 bytes +// MD5: 83a10e0d3784ce78d058e07c927c7bd7 diff --git a/services/google/gkehub/alpha/feature_membership_internal.go b/services/google/gkehub/alpha/feature_membership_internal.go index b60bfc33d0..1eb90597c4 100755 --- a/services/google/gkehub/alpha/feature_membership_internal.go +++ b/services/google/gkehub/alpha/feature_membership_internal.go @@ -727,6 +727,11 @@ func canonicalizeFeatureMembershipConfigmanagementConfigSync(des, initial *Featu } else { cDes.SourceFormat = des.SourceFormat } + if dcl.BoolCanonicalize(des.Enabled, initial.Enabled) || dcl.IsZeroValue(des.Enabled) { + cDes.Enabled = initial.Enabled + } else { + cDes.Enabled = des.Enabled + } if dcl.BoolCanonicalize(des.PreventDrift, initial.PreventDrift) || dcl.IsZeroValue(des.PreventDrift) { cDes.PreventDrift = initial.PreventDrift } else { @@ -789,6 +794,9 @@ func canonicalizeNewFeatureMembershipConfigmanagementConfigSync(c *Client, des, if dcl.StringCanonicalize(des.SourceFormat, nw.SourceFormat) { nw.SourceFormat = des.SourceFormat } + if dcl.BoolCanonicalize(des.Enabled, nw.Enabled) { + nw.Enabled = des.Enabled + } if dcl.BoolCanonicalize(des.PreventDrift, nw.PreventDrift) { nw.PreventDrift = des.PreventDrift } @@ -3334,6 +3342,13 @@ func compareFeatureMembershipConfigmanagementConfigSyncNewStyle(d, a interface{} diffs = append(diffs, ds...) } + if ds, err := dcl.Diff(desired.Enabled, actual.Enabled, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("Enabled")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + if ds, err := dcl.Diff(desired.PreventDrift, actual.PreventDrift, dcl.DiffInfo{ServerDefault: true, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("PreventDrift")); len(ds) != 0 || err != nil { if err != nil { return nil, err @@ -4614,6 +4629,9 @@ func expandFeatureMembershipConfigmanagementConfigSync(c *Client, f *FeatureMemb if v := f.SourceFormat; !dcl.IsEmptyValueIndirect(v) { m["sourceFormat"] = v } + if v := f.Enabled; !dcl.IsEmptyValueIndirect(v) { + m["enabled"] = v + } if v := f.PreventDrift; !dcl.IsEmptyValueIndirect(v) { m["preventDrift"] = v } @@ -4644,6 +4662,7 @@ func flattenFeatureMembershipConfigmanagementConfigSync(c *Client, i interface{} } r.Git = flattenFeatureMembershipConfigmanagementConfigSyncGit(c, m["git"], res) r.SourceFormat = dcl.FlattenString(m["sourceFormat"]) + r.Enabled = dcl.FlattenBool(m["enabled"]) r.PreventDrift = dcl.FlattenBool(m["preventDrift"]) r.MetricsGcpServiceAccountEmail = dcl.FlattenString(m["metricsGcpServiceAccountEmail"]) r.Oci = flattenFeatureMembershipConfigmanagementConfigSyncOci(c, m["oci"], res) diff --git a/services/google/gkehub/alpha/feature_membership_schema.go b/services/google/gkehub/alpha/feature_membership_schema.go index fa5f33875c..fe8d0ab660 100755 --- a/services/google/gkehub/alpha/feature_membership_schema.go +++ b/services/google/gkehub/alpha/feature_membership_schema.go @@ -153,6 +153,11 @@ func DCLFeatureMembershipSchema() *dcl.Schema { Description: "Config Sync configuration for the cluster.", SendEmpty: true, Properties: map[string]*dcl.Property{ + "enabled": &dcl.Property{ + Type: "boolean", + GoName: "Enabled", + Description: "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + }, "git": &dcl.Property{ Type: "object", GoName: "Git", diff --git a/services/google/gkehub/beta/feature_membership.go b/services/google/gkehub/beta/feature_membership.go index 8a9968c938..8e035bc3ed 100755 --- a/services/google/gkehub/beta/feature_membership.go +++ b/services/google/gkehub/beta/feature_membership.go @@ -338,6 +338,7 @@ type FeatureMembershipConfigmanagementConfigSync struct { empty bool `json:"-"` Git *FeatureMembershipConfigmanagementConfigSyncGit `json:"git"` SourceFormat *string `json:"sourceFormat"` + Enabled *bool `json:"enabled"` PreventDrift *bool `json:"preventDrift"` MetricsGcpServiceAccountEmail *string `json:"metricsGcpServiceAccountEmail"` Oci *FeatureMembershipConfigmanagementConfigSyncOci `json:"oci"` @@ -362,6 +363,8 @@ func (r *FeatureMembershipConfigmanagementConfigSync) UnmarshalJSON(data []byte) r.SourceFormat = res.SourceFormat + r.Enabled = res.Enabled + r.PreventDrift = res.PreventDrift r.MetricsGcpServiceAccountEmail = res.MetricsGcpServiceAccountEmail diff --git a/services/google/gkehub/beta/feature_membership.yaml b/services/google/gkehub/beta/feature_membership.yaml index 69064f1b40..d305078c95 100755 --- a/services/google/gkehub/beta/feature_membership.yaml +++ b/services/google/gkehub/beta/feature_membership.yaml @@ -110,6 +110,15 @@ components: description: Config Sync configuration for the cluster. x-dcl-send-empty: true properties: + enabled: + type: boolean + x-dcl-go-name: Enabled + description: Enables the installation of ConfigSync. If set to true, + ConfigSync resources will be created and the other ConfigSync + fields will be applied if exist. If set to false, all other ConfigSync + fields will be ignored, ConfigSync resources will be deleted. + If omitted, ConfigSync resources will be managed depends on the + presence of the git or oci field. git: type: object x-dcl-go-name: Git diff --git a/services/google/gkehub/beta/feature_membership_beta_yaml_embed.go b/services/google/gkehub/beta/feature_membership_beta_yaml_embed.go index f809e672d4..a822b71b81 100755 --- a/services/google/gkehub/beta/feature_membership_beta_yaml_embed.go +++ b/services/google/gkehub/beta/feature_membership_beta_yaml_embed.go @@ -17,7 +17,7 @@ package beta // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/gkehub/beta/feature_membership.yaml -var YAML_feature_membership = []byte("info:\n title: GkeHub/FeatureMembership\n description: The GkeHub FeatureMembership resource\n x-dcl-struct-name: FeatureMembership\n x-dcl-has-iam: false\n x-dcl-mutex: '{{project}}/{{location}}/{{feature}}'\npaths:\n get:\n description: The function used to get information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n apply:\n description: The function used to apply information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n delete:\n description: The function used to delete a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n deleteAll:\n description: The function used to delete all FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n FeatureMembership:\n title: FeatureMembership\n x-dcl-id: projects/{{project}}/locations/{{location}}/features/{{feature}}/memberships/{{membership}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - project\n - location\n - feature\n - membership\n properties:\n configmanagement:\n type: object\n x-dcl-go-name: Configmanagement\n x-dcl-go-type: FeatureMembershipConfigmanagement\n description: Config Management-specific spec.\n properties:\n binauthz:\n type: object\n x-dcl-go-name: Binauthz\n x-dcl-go-type: FeatureMembershipConfigmanagementBinauthz\n description: '**DEPRECATED** Binauthz configuration for the cluster.\n This field will be ignored and should not be set.'\n x-dcl-server-default: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether binauthz is enabled in this cluster.\n x-dcl-parameter: true\n configSync:\n type: object\n x-dcl-go-name: ConfigSync\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSync\n description: Config Sync configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n git:\n type: object\n x-dcl-go-name: Git\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncGit\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: The GCP Service Account Email used for auth when\n secretType is gcpServiceAccount.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n httpsProxy:\n type: string\n x-dcl-go-name: HttpsProxy\n description: URL for the HTTPS proxy to be used when communicating\n with the Git repo.\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The path within the Git repository that represents\n the top level of the repo to sync. Default: the root directory\n of the repository.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the Git\n repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount\n or none. The validation of this is case-sensitive.\n syncBranch:\n type: string\n x-dcl-go-name: SyncBranch\n description: 'The branch of the repository to sync from. Default:\n master.'\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The URL of the Git repository to use as the source\n of truth.\n syncRev:\n type: string\n x-dcl-go-name: SyncRev\n description: Git revision (tag or hash) to check out. Default\n HEAD.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds between consecutive syncs. Default:\n 15.'\n metricsGcpServiceAccountEmail:\n type: string\n x-dcl-go-name: MetricsGcpServiceAccountEmail\n description: The Email of the Google Cloud Service Account (GSA)\n used for exporting Config Sync metrics to Cloud Monitoring. The\n GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter)\n IAM role. The Kubernetes ServiceAccount `default` in the namespace\n `config-management-monitoring` should be bound to the GSA.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n oci:\n type: object\n x-dcl-go-name: Oci\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncOci\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: 'The GCP Service Account Email used for auth when\n secret_type is gcpserviceaccount. '\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The absolute path of the directory that contains\n the local resources. Default: the root directory of the image.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the OCI\n Image. Must be one of gcenode, gcpserviceaccount or none.\n The validation of this is case-sensitive.\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The OCI image repository URL for the package to\n sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds(int64 format) between consecutive\n syncs. Default: 15.'\n preventDrift:\n type: boolean\n x-dcl-go-name: PreventDrift\n description: Set to true to enable the Config Sync admission webhook\n to prevent drifts. If set to `false`, disables the Config Sync\n admission webhook and does not prevent drifts.\n x-dcl-server-default: true\n sourceFormat:\n type: string\n x-dcl-go-name: SourceFormat\n description: Specifies whether the Config Sync Repo is in \"hierarchical\"\n or \"unstructured\" mode.\n hierarchyController:\n type: object\n x-dcl-go-name: HierarchyController\n x-dcl-go-type: FeatureMembershipConfigmanagementHierarchyController\n description: Hierarchy Controller configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enableHierarchicalResourceQuota:\n type: boolean\n x-dcl-go-name: EnableHierarchicalResourceQuota\n description: Whether hierarchical resource quota is enabled in this\n cluster.\n x-dcl-send-empty: true\n enablePodTreeLabels:\n type: boolean\n x-dcl-go-name: EnablePodTreeLabels\n description: Whether pod tree labels are enabled in this cluster.\n x-dcl-send-empty: true\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether Hierarchy Controller is enabled in this cluster.\n x-dcl-send-empty: true\n policyController:\n type: object\n x-dcl-go-name: PolicyController\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyController\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: string\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of Policy Controller. If false,\n the rest of PolicyController fields take no effect.\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enable or disable mutation in policy controller. If\n true, mutation CRDs, webhook and controller deployment will be\n deployed to the cluster.\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n templateLibraryInstalled:\n type: boolean\n x-dcl-go-name: TemplateLibraryInstalled\n description: Installs the default template library along with Policy\n Controller.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of ACM to install. Defaults to the latest\n version.\n x-dcl-server-default: true\n feature:\n type: string\n x-dcl-go-name: Feature\n description: The name of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Feature\n field: name\n parent: true\n x-dcl-parameter: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location of the feature\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n membership:\n type: string\n x-dcl-go-name: Membership\n description: The name of the membership\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Membership\n field: name\n x-dcl-parameter: true\n membershipLocation:\n type: string\n x-dcl-go-name: MembershipLocation\n description: The location of the membership\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n mesh:\n type: object\n x-dcl-go-name: Mesh\n x-dcl-go-type: FeatureMembershipMesh\n description: Manage Mesh Features\n properties:\n controlPlane:\n type: string\n x-dcl-go-name: ControlPlane\n x-dcl-go-type: FeatureMembershipMeshControlPlaneEnum\n description: '**DEPRECATED** Whether to automatically manage Service\n Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED,\n AUTOMATIC, MANUAL'\n enum:\n - CONTROL_PLANE_MANAGEMENT_UNSPECIFIED\n - AUTOMATIC\n - MANUAL\n management:\n type: string\n x-dcl-go-name: Management\n x-dcl-go-type: FeatureMembershipMeshManagementEnum\n description: 'Whether to automatically manage Service Mesh. Possible\n values: MANAGEMENT_UNSPECIFIED, MANAGEMENT_AUTOMATIC, MANAGEMENT_MANUAL'\n enum:\n - MANAGEMENT_UNSPECIFIED\n - MANAGEMENT_AUTOMATIC\n - MANAGEMENT_MANUAL\n policycontroller:\n type: object\n x-dcl-go-name: Policycontroller\n x-dcl-go-type: FeatureMembershipPolicycontroller\n description: Policy Controller-specific spec.\n required:\n - policyControllerHubConfig\n properties:\n policyControllerHubConfig:\n type: object\n x-dcl-go-name: PolicyControllerHubConfig\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfig\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: integer\n format: int64\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n constraintViolationLimit:\n type: integer\n format: int64\n x-dcl-go-name: ConstraintViolationLimit\n description: The maximum number of audit violations to be stored\n in a constraint. If not set, the internal default of 20 will be\n used.\n deploymentConfigs:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigs\n properties:\n containerResources:\n type: object\n x-dcl-go-name: ContainerResources\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResources\n description: Container resource requirements.\n x-dcl-conflicts:\n - replicaCount\n - podAffinity\n - podTolerations\n properties:\n limits:\n type: object\n x-dcl-go-name: Limits\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesLimits\n description: Limits describes the maximum amount of compute\n resources allowed for use by the running container.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n requests:\n type: object\n x-dcl-go-name: Requests\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesRequests\n description: Requests describes the amount of compute\n resources reserved for the container by the kube-scheduler.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n podAffinity:\n type: string\n x-dcl-go-name: PodAffinity\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodAffinityEnum\n description: 'Pod affinity configuration. Possible values:\n AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY'\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podTolerations\n enum:\n - AFFINITY_UNSPECIFIED\n - NO_AFFINITY\n - ANTI_AFFINITY\n podTolerations:\n type: array\n x-dcl-go-name: PodTolerations\n description: Pod tolerations of node taints.\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podAffinity\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodTolerations\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n description: Matches a taint effect.\n key:\n type: string\n x-dcl-go-name: Key\n description: Matches a taint key (not necessarily unique).\n operator:\n type: string\n x-dcl-go-name: Operator\n description: Matches a taint operator.\n value:\n type: string\n x-dcl-go-name: Value\n description: Matches a taint value.\n replicaCount:\n type: integer\n format: int64\n x-dcl-go-name: ReplicaCount\n description: Pod replica count.\n x-dcl-conflicts:\n - containerResources\n - podAffinity\n - podTolerations\n x-dcl-go-name: DeploymentConfigs\n description: Map of deployment configs to deployments (\"admission\",\n \"audit\", \"mutation\").\n x-dcl-server-default: true\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n installSpec:\n type: string\n x-dcl-go-name: InstallSpec\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigInstallSpecEnum\n description: 'Configures the mode of the Policy Controller installation.\n Possible values: INSTALL_SPEC_UNSPECIFIED, INSTALL_SPEC_NOT_INSTALLED,\n INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED, INSTALL_SPEC_DETACHED'\n enum:\n - INSTALL_SPEC_UNSPECIFIED\n - INSTALL_SPEC_NOT_INSTALLED\n - INSTALL_SPEC_ENABLED\n - INSTALL_SPEC_SUSPENDED\n - INSTALL_SPEC_DETACHED\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enables the ability to mutate resources using Policy\n Controller.\n policyContent:\n type: object\n x-dcl-go-name: PolicyContent\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent\n description: Specifies the desired policy content on the cluster.\n x-dcl-server-default: true\n properties:\n bundles:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundles\n properties:\n exemptedNamespaces:\n type: array\n x-dcl-go-name: ExemptedNamespaces\n description: The set of namespaces to be exempted from\n the bundle.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n x-dcl-go-name: Bundles\n description: map of bundle name to BundleInstallSpec. The bundle\n name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData`\n annotation on a constraint.\n templateLibrary:\n type: object\n x-dcl-go-name: TemplateLibrary\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary\n description: Configures the installation of the Template Library.\n x-dcl-server-default: true\n properties:\n installation:\n type: string\n x-dcl-go-name: Installation\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryInstallationEnum\n description: 'Configures the manner in which the template\n library is installed on the cluster. Possible values:\n INSTALLATION_UNSPECIFIED, NOT_INSTALLED, ALL'\n enum:\n - INSTALLATION_UNSPECIFIED\n - NOT_INSTALLED\n - ALL\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of Policy Controller to install. Defaults\n to the latest version.\n x-dcl-server-default: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n") +var YAML_feature_membership = []byte("info:\n title: GkeHub/FeatureMembership\n description: The GkeHub FeatureMembership resource\n x-dcl-struct-name: FeatureMembership\n x-dcl-has-iam: false\n x-dcl-mutex: '{{project}}/{{location}}/{{feature}}'\npaths:\n get:\n description: The function used to get information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n apply:\n description: The function used to apply information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n delete:\n description: The function used to delete a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n deleteAll:\n description: The function used to delete all FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n FeatureMembership:\n title: FeatureMembership\n x-dcl-id: projects/{{project}}/locations/{{location}}/features/{{feature}}/memberships/{{membership}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - project\n - location\n - feature\n - membership\n properties:\n configmanagement:\n type: object\n x-dcl-go-name: Configmanagement\n x-dcl-go-type: FeatureMembershipConfigmanagement\n description: Config Management-specific spec.\n properties:\n binauthz:\n type: object\n x-dcl-go-name: Binauthz\n x-dcl-go-type: FeatureMembershipConfigmanagementBinauthz\n description: '**DEPRECATED** Binauthz configuration for the cluster.\n This field will be ignored and should not be set.'\n x-dcl-server-default: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether binauthz is enabled in this cluster.\n x-dcl-parameter: true\n configSync:\n type: object\n x-dcl-go-name: ConfigSync\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSync\n description: Config Sync configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of ConfigSync. If set to true,\n ConfigSync resources will be created and the other ConfigSync\n fields will be applied if exist. If set to false, all other ConfigSync\n fields will be ignored, ConfigSync resources will be deleted.\n If omitted, ConfigSync resources will be managed depends on the\n presence of the git or oci field.\n git:\n type: object\n x-dcl-go-name: Git\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncGit\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: The GCP Service Account Email used for auth when\n secretType is gcpServiceAccount.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n httpsProxy:\n type: string\n x-dcl-go-name: HttpsProxy\n description: URL for the HTTPS proxy to be used when communicating\n with the Git repo.\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The path within the Git repository that represents\n the top level of the repo to sync. Default: the root directory\n of the repository.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the Git\n repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount\n or none. The validation of this is case-sensitive.\n syncBranch:\n type: string\n x-dcl-go-name: SyncBranch\n description: 'The branch of the repository to sync from. Default:\n master.'\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The URL of the Git repository to use as the source\n of truth.\n syncRev:\n type: string\n x-dcl-go-name: SyncRev\n description: Git revision (tag or hash) to check out. Default\n HEAD.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds between consecutive syncs. Default:\n 15.'\n metricsGcpServiceAccountEmail:\n type: string\n x-dcl-go-name: MetricsGcpServiceAccountEmail\n description: The Email of the Google Cloud Service Account (GSA)\n used for exporting Config Sync metrics to Cloud Monitoring. The\n GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter)\n IAM role. The Kubernetes ServiceAccount `default` in the namespace\n `config-management-monitoring` should be bound to the GSA.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n oci:\n type: object\n x-dcl-go-name: Oci\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncOci\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: 'The GCP Service Account Email used for auth when\n secret_type is gcpserviceaccount. '\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The absolute path of the directory that contains\n the local resources. Default: the root directory of the image.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the OCI\n Image. Must be one of gcenode, gcpserviceaccount or none.\n The validation of this is case-sensitive.\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The OCI image repository URL for the package to\n sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds(int64 format) between consecutive\n syncs. Default: 15.'\n preventDrift:\n type: boolean\n x-dcl-go-name: PreventDrift\n description: Set to true to enable the Config Sync admission webhook\n to prevent drifts. If set to `false`, disables the Config Sync\n admission webhook and does not prevent drifts.\n x-dcl-server-default: true\n sourceFormat:\n type: string\n x-dcl-go-name: SourceFormat\n description: Specifies whether the Config Sync Repo is in \"hierarchical\"\n or \"unstructured\" mode.\n hierarchyController:\n type: object\n x-dcl-go-name: HierarchyController\n x-dcl-go-type: FeatureMembershipConfigmanagementHierarchyController\n description: Hierarchy Controller configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enableHierarchicalResourceQuota:\n type: boolean\n x-dcl-go-name: EnableHierarchicalResourceQuota\n description: Whether hierarchical resource quota is enabled in this\n cluster.\n x-dcl-send-empty: true\n enablePodTreeLabels:\n type: boolean\n x-dcl-go-name: EnablePodTreeLabels\n description: Whether pod tree labels are enabled in this cluster.\n x-dcl-send-empty: true\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether Hierarchy Controller is enabled in this cluster.\n x-dcl-send-empty: true\n policyController:\n type: object\n x-dcl-go-name: PolicyController\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyController\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: string\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of Policy Controller. If false,\n the rest of PolicyController fields take no effect.\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enable or disable mutation in policy controller. If\n true, mutation CRDs, webhook and controller deployment will be\n deployed to the cluster.\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n templateLibraryInstalled:\n type: boolean\n x-dcl-go-name: TemplateLibraryInstalled\n description: Installs the default template library along with Policy\n Controller.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of ACM to install. Defaults to the latest\n version.\n x-dcl-server-default: true\n feature:\n type: string\n x-dcl-go-name: Feature\n description: The name of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Feature\n field: name\n parent: true\n x-dcl-parameter: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location of the feature\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n membership:\n type: string\n x-dcl-go-name: Membership\n description: The name of the membership\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Membership\n field: name\n x-dcl-parameter: true\n membershipLocation:\n type: string\n x-dcl-go-name: MembershipLocation\n description: The location of the membership\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n mesh:\n type: object\n x-dcl-go-name: Mesh\n x-dcl-go-type: FeatureMembershipMesh\n description: Manage Mesh Features\n properties:\n controlPlane:\n type: string\n x-dcl-go-name: ControlPlane\n x-dcl-go-type: FeatureMembershipMeshControlPlaneEnum\n description: '**DEPRECATED** Whether to automatically manage Service\n Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED,\n AUTOMATIC, MANUAL'\n enum:\n - CONTROL_PLANE_MANAGEMENT_UNSPECIFIED\n - AUTOMATIC\n - MANUAL\n management:\n type: string\n x-dcl-go-name: Management\n x-dcl-go-type: FeatureMembershipMeshManagementEnum\n description: 'Whether to automatically manage Service Mesh. Possible\n values: MANAGEMENT_UNSPECIFIED, MANAGEMENT_AUTOMATIC, MANAGEMENT_MANUAL'\n enum:\n - MANAGEMENT_UNSPECIFIED\n - MANAGEMENT_AUTOMATIC\n - MANAGEMENT_MANUAL\n policycontroller:\n type: object\n x-dcl-go-name: Policycontroller\n x-dcl-go-type: FeatureMembershipPolicycontroller\n description: Policy Controller-specific spec.\n required:\n - policyControllerHubConfig\n properties:\n policyControllerHubConfig:\n type: object\n x-dcl-go-name: PolicyControllerHubConfig\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfig\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: integer\n format: int64\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n constraintViolationLimit:\n type: integer\n format: int64\n x-dcl-go-name: ConstraintViolationLimit\n description: The maximum number of audit violations to be stored\n in a constraint. If not set, the internal default of 20 will be\n used.\n deploymentConfigs:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigs\n properties:\n containerResources:\n type: object\n x-dcl-go-name: ContainerResources\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResources\n description: Container resource requirements.\n x-dcl-conflicts:\n - replicaCount\n - podAffinity\n - podTolerations\n properties:\n limits:\n type: object\n x-dcl-go-name: Limits\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesLimits\n description: Limits describes the maximum amount of compute\n resources allowed for use by the running container.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n requests:\n type: object\n x-dcl-go-name: Requests\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesRequests\n description: Requests describes the amount of compute\n resources reserved for the container by the kube-scheduler.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n podAffinity:\n type: string\n x-dcl-go-name: PodAffinity\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodAffinityEnum\n description: 'Pod affinity configuration. Possible values:\n AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY'\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podTolerations\n enum:\n - AFFINITY_UNSPECIFIED\n - NO_AFFINITY\n - ANTI_AFFINITY\n podTolerations:\n type: array\n x-dcl-go-name: PodTolerations\n description: Pod tolerations of node taints.\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podAffinity\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodTolerations\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n description: Matches a taint effect.\n key:\n type: string\n x-dcl-go-name: Key\n description: Matches a taint key (not necessarily unique).\n operator:\n type: string\n x-dcl-go-name: Operator\n description: Matches a taint operator.\n value:\n type: string\n x-dcl-go-name: Value\n description: Matches a taint value.\n replicaCount:\n type: integer\n format: int64\n x-dcl-go-name: ReplicaCount\n description: Pod replica count.\n x-dcl-conflicts:\n - containerResources\n - podAffinity\n - podTolerations\n x-dcl-go-name: DeploymentConfigs\n description: Map of deployment configs to deployments (\"admission\",\n \"audit\", \"mutation\").\n x-dcl-server-default: true\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n installSpec:\n type: string\n x-dcl-go-name: InstallSpec\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigInstallSpecEnum\n description: 'Configures the mode of the Policy Controller installation.\n Possible values: INSTALL_SPEC_UNSPECIFIED, INSTALL_SPEC_NOT_INSTALLED,\n INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED, INSTALL_SPEC_DETACHED'\n enum:\n - INSTALL_SPEC_UNSPECIFIED\n - INSTALL_SPEC_NOT_INSTALLED\n - INSTALL_SPEC_ENABLED\n - INSTALL_SPEC_SUSPENDED\n - INSTALL_SPEC_DETACHED\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enables the ability to mutate resources using Policy\n Controller.\n policyContent:\n type: object\n x-dcl-go-name: PolicyContent\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent\n description: Specifies the desired policy content on the cluster.\n x-dcl-server-default: true\n properties:\n bundles:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundles\n properties:\n exemptedNamespaces:\n type: array\n x-dcl-go-name: ExemptedNamespaces\n description: The set of namespaces to be exempted from\n the bundle.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n x-dcl-go-name: Bundles\n description: map of bundle name to BundleInstallSpec. The bundle\n name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData`\n annotation on a constraint.\n templateLibrary:\n type: object\n x-dcl-go-name: TemplateLibrary\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary\n description: Configures the installation of the Template Library.\n x-dcl-server-default: true\n properties:\n installation:\n type: string\n x-dcl-go-name: Installation\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryInstallationEnum\n description: 'Configures the manner in which the template\n library is installed on the cluster. Possible values:\n INSTALLATION_UNSPECIFIED, NOT_INSTALLED, ALL'\n enum:\n - INSTALLATION_UNSPECIFIED\n - NOT_INSTALLED\n - ALL\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of Policy Controller to install. Defaults\n to the latest version.\n x-dcl-server-default: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n") -// 29568 bytes -// MD5: 6b8ad44a9f3a7ea167a5688797017807 +// 30146 bytes +// MD5: 83a10e0d3784ce78d058e07c927c7bd7 diff --git a/services/google/gkehub/beta/feature_membership_internal.go b/services/google/gkehub/beta/feature_membership_internal.go index 46b657778a..cfd43cdc14 100755 --- a/services/google/gkehub/beta/feature_membership_internal.go +++ b/services/google/gkehub/beta/feature_membership_internal.go @@ -727,6 +727,11 @@ func canonicalizeFeatureMembershipConfigmanagementConfigSync(des, initial *Featu } else { cDes.SourceFormat = des.SourceFormat } + if dcl.BoolCanonicalize(des.Enabled, initial.Enabled) || dcl.IsZeroValue(des.Enabled) { + cDes.Enabled = initial.Enabled + } else { + cDes.Enabled = des.Enabled + } if dcl.BoolCanonicalize(des.PreventDrift, initial.PreventDrift) || dcl.IsZeroValue(des.PreventDrift) { cDes.PreventDrift = initial.PreventDrift } else { @@ -789,6 +794,9 @@ func canonicalizeNewFeatureMembershipConfigmanagementConfigSync(c *Client, des, if dcl.StringCanonicalize(des.SourceFormat, nw.SourceFormat) { nw.SourceFormat = des.SourceFormat } + if dcl.BoolCanonicalize(des.Enabled, nw.Enabled) { + nw.Enabled = des.Enabled + } if dcl.BoolCanonicalize(des.PreventDrift, nw.PreventDrift) { nw.PreventDrift = des.PreventDrift } @@ -3334,6 +3342,13 @@ func compareFeatureMembershipConfigmanagementConfigSyncNewStyle(d, a interface{} diffs = append(diffs, ds...) } + if ds, err := dcl.Diff(desired.Enabled, actual.Enabled, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("Enabled")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + if ds, err := dcl.Diff(desired.PreventDrift, actual.PreventDrift, dcl.DiffInfo{ServerDefault: true, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("PreventDrift")); len(ds) != 0 || err != nil { if err != nil { return nil, err @@ -4614,6 +4629,9 @@ func expandFeatureMembershipConfigmanagementConfigSync(c *Client, f *FeatureMemb if v := f.SourceFormat; !dcl.IsEmptyValueIndirect(v) { m["sourceFormat"] = v } + if v := f.Enabled; !dcl.IsEmptyValueIndirect(v) { + m["enabled"] = v + } if v := f.PreventDrift; !dcl.IsEmptyValueIndirect(v) { m["preventDrift"] = v } @@ -4644,6 +4662,7 @@ func flattenFeatureMembershipConfigmanagementConfigSync(c *Client, i interface{} } r.Git = flattenFeatureMembershipConfigmanagementConfigSyncGit(c, m["git"], res) r.SourceFormat = dcl.FlattenString(m["sourceFormat"]) + r.Enabled = dcl.FlattenBool(m["enabled"]) r.PreventDrift = dcl.FlattenBool(m["preventDrift"]) r.MetricsGcpServiceAccountEmail = dcl.FlattenString(m["metricsGcpServiceAccountEmail"]) r.Oci = flattenFeatureMembershipConfigmanagementConfigSyncOci(c, m["oci"], res) diff --git a/services/google/gkehub/beta/feature_membership_schema.go b/services/google/gkehub/beta/feature_membership_schema.go index 5506ecf43f..119cd7a700 100755 --- a/services/google/gkehub/beta/feature_membership_schema.go +++ b/services/google/gkehub/beta/feature_membership_schema.go @@ -153,6 +153,11 @@ func DCLFeatureMembershipSchema() *dcl.Schema { Description: "Config Sync configuration for the cluster.", SendEmpty: true, Properties: map[string]*dcl.Property{ + "enabled": &dcl.Property{ + Type: "boolean", + GoName: "Enabled", + Description: "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + }, "git": &dcl.Property{ Type: "object", GoName: "Git", diff --git a/services/google/gkehub/feature_membership.go b/services/google/gkehub/feature_membership.go index 2b4b09b5dd..577df0cb63 100755 --- a/services/google/gkehub/feature_membership.go +++ b/services/google/gkehub/feature_membership.go @@ -338,6 +338,7 @@ type FeatureMembershipConfigmanagementConfigSync struct { empty bool `json:"-"` Git *FeatureMembershipConfigmanagementConfigSyncGit `json:"git"` SourceFormat *string `json:"sourceFormat"` + Enabled *bool `json:"enabled"` PreventDrift *bool `json:"preventDrift"` MetricsGcpServiceAccountEmail *string `json:"metricsGcpServiceAccountEmail"` Oci *FeatureMembershipConfigmanagementConfigSyncOci `json:"oci"` @@ -362,6 +363,8 @@ func (r *FeatureMembershipConfigmanagementConfigSync) UnmarshalJSON(data []byte) r.SourceFormat = res.SourceFormat + r.Enabled = res.Enabled + r.PreventDrift = res.PreventDrift r.MetricsGcpServiceAccountEmail = res.MetricsGcpServiceAccountEmail diff --git a/services/google/gkehub/feature_membership.yaml b/services/google/gkehub/feature_membership.yaml index 69064f1b40..d305078c95 100755 --- a/services/google/gkehub/feature_membership.yaml +++ b/services/google/gkehub/feature_membership.yaml @@ -110,6 +110,15 @@ components: description: Config Sync configuration for the cluster. x-dcl-send-empty: true properties: + enabled: + type: boolean + x-dcl-go-name: Enabled + description: Enables the installation of ConfigSync. If set to true, + ConfigSync resources will be created and the other ConfigSync + fields will be applied if exist. If set to false, all other ConfigSync + fields will be ignored, ConfigSync resources will be deleted. + If omitted, ConfigSync resources will be managed depends on the + presence of the git or oci field. git: type: object x-dcl-go-name: Git diff --git a/services/google/gkehub/feature_membership_internal.go b/services/google/gkehub/feature_membership_internal.go index 41541f0a0c..fc43718ec8 100755 --- a/services/google/gkehub/feature_membership_internal.go +++ b/services/google/gkehub/feature_membership_internal.go @@ -727,6 +727,11 @@ func canonicalizeFeatureMembershipConfigmanagementConfigSync(des, initial *Featu } else { cDes.SourceFormat = des.SourceFormat } + if dcl.BoolCanonicalize(des.Enabled, initial.Enabled) || dcl.IsZeroValue(des.Enabled) { + cDes.Enabled = initial.Enabled + } else { + cDes.Enabled = des.Enabled + } if dcl.BoolCanonicalize(des.PreventDrift, initial.PreventDrift) || dcl.IsZeroValue(des.PreventDrift) { cDes.PreventDrift = initial.PreventDrift } else { @@ -789,6 +794,9 @@ func canonicalizeNewFeatureMembershipConfigmanagementConfigSync(c *Client, des, if dcl.StringCanonicalize(des.SourceFormat, nw.SourceFormat) { nw.SourceFormat = des.SourceFormat } + if dcl.BoolCanonicalize(des.Enabled, nw.Enabled) { + nw.Enabled = des.Enabled + } if dcl.BoolCanonicalize(des.PreventDrift, nw.PreventDrift) { nw.PreventDrift = des.PreventDrift } @@ -3334,6 +3342,13 @@ func compareFeatureMembershipConfigmanagementConfigSyncNewStyle(d, a interface{} diffs = append(diffs, ds...) } + if ds, err := dcl.Diff(desired.Enabled, actual.Enabled, dcl.DiffInfo{OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("Enabled")); len(ds) != 0 || err != nil { + if err != nil { + return nil, err + } + diffs = append(diffs, ds...) + } + if ds, err := dcl.Diff(desired.PreventDrift, actual.PreventDrift, dcl.DiffInfo{ServerDefault: true, OperationSelector: dcl.RequiresRecreate()}, fn.AddNest("PreventDrift")); len(ds) != 0 || err != nil { if err != nil { return nil, err @@ -4614,6 +4629,9 @@ func expandFeatureMembershipConfigmanagementConfigSync(c *Client, f *FeatureMemb if v := f.SourceFormat; !dcl.IsEmptyValueIndirect(v) { m["sourceFormat"] = v } + if v := f.Enabled; !dcl.IsEmptyValueIndirect(v) { + m["enabled"] = v + } if v := f.PreventDrift; !dcl.IsEmptyValueIndirect(v) { m["preventDrift"] = v } @@ -4644,6 +4662,7 @@ func flattenFeatureMembershipConfigmanagementConfigSync(c *Client, i interface{} } r.Git = flattenFeatureMembershipConfigmanagementConfigSyncGit(c, m["git"], res) r.SourceFormat = dcl.FlattenString(m["sourceFormat"]) + r.Enabled = dcl.FlattenBool(m["enabled"]) r.PreventDrift = dcl.FlattenBool(m["preventDrift"]) r.MetricsGcpServiceAccountEmail = dcl.FlattenString(m["metricsGcpServiceAccountEmail"]) r.Oci = flattenFeatureMembershipConfigmanagementConfigSyncOci(c, m["oci"], res) diff --git a/services/google/gkehub/feature_membership_schema.go b/services/google/gkehub/feature_membership_schema.go index cb8480a787..f1791c1137 100755 --- a/services/google/gkehub/feature_membership_schema.go +++ b/services/google/gkehub/feature_membership_schema.go @@ -153,6 +153,11 @@ func DCLFeatureMembershipSchema() *dcl.Schema { Description: "Config Sync configuration for the cluster.", SendEmpty: true, Properties: map[string]*dcl.Property{ + "enabled": &dcl.Property{ + Type: "boolean", + GoName: "Enabled", + Description: "Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.", + }, "git": &dcl.Property{ Type: "object", GoName: "Git", diff --git a/services/google/gkehub/feature_membership_yaml_embed.go b/services/google/gkehub/feature_membership_yaml_embed.go index ff8071149e..48b733e716 100755 --- a/services/google/gkehub/feature_membership_yaml_embed.go +++ b/services/google/gkehub/feature_membership_yaml_embed.go @@ -17,7 +17,7 @@ package gkehub // blaze-out/k8-fastbuild/genfiles/cloud/graphite/mmv2/services/google/gkehub/feature_membership.yaml -var YAML_feature_membership = []byte("info:\n title: GkeHub/FeatureMembership\n description: The GkeHub FeatureMembership resource\n x-dcl-struct-name: FeatureMembership\n x-dcl-has-iam: false\n x-dcl-mutex: '{{project}}/{{location}}/{{feature}}'\npaths:\n get:\n description: The function used to get information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n apply:\n description: The function used to apply information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n delete:\n description: The function used to delete a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n deleteAll:\n description: The function used to delete all FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n FeatureMembership:\n title: FeatureMembership\n x-dcl-id: projects/{{project}}/locations/{{location}}/features/{{feature}}/memberships/{{membership}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - project\n - location\n - feature\n - membership\n properties:\n configmanagement:\n type: object\n x-dcl-go-name: Configmanagement\n x-dcl-go-type: FeatureMembershipConfigmanagement\n description: Config Management-specific spec.\n properties:\n binauthz:\n type: object\n x-dcl-go-name: Binauthz\n x-dcl-go-type: FeatureMembershipConfigmanagementBinauthz\n description: '**DEPRECATED** Binauthz configuration for the cluster.\n This field will be ignored and should not be set.'\n x-dcl-server-default: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether binauthz is enabled in this cluster.\n x-dcl-parameter: true\n configSync:\n type: object\n x-dcl-go-name: ConfigSync\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSync\n description: Config Sync configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n git:\n type: object\n x-dcl-go-name: Git\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncGit\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: The GCP Service Account Email used for auth when\n secretType is gcpServiceAccount.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n httpsProxy:\n type: string\n x-dcl-go-name: HttpsProxy\n description: URL for the HTTPS proxy to be used when communicating\n with the Git repo.\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The path within the Git repository that represents\n the top level of the repo to sync. Default: the root directory\n of the repository.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the Git\n repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount\n or none. The validation of this is case-sensitive.\n syncBranch:\n type: string\n x-dcl-go-name: SyncBranch\n description: 'The branch of the repository to sync from. Default:\n master.'\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The URL of the Git repository to use as the source\n of truth.\n syncRev:\n type: string\n x-dcl-go-name: SyncRev\n description: Git revision (tag or hash) to check out. Default\n HEAD.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds between consecutive syncs. Default:\n 15.'\n metricsGcpServiceAccountEmail:\n type: string\n x-dcl-go-name: MetricsGcpServiceAccountEmail\n description: The Email of the Google Cloud Service Account (GSA)\n used for exporting Config Sync metrics to Cloud Monitoring. The\n GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter)\n IAM role. The Kubernetes ServiceAccount `default` in the namespace\n `config-management-monitoring` should be bound to the GSA.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n oci:\n type: object\n x-dcl-go-name: Oci\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncOci\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: 'The GCP Service Account Email used for auth when\n secret_type is gcpserviceaccount. '\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The absolute path of the directory that contains\n the local resources. Default: the root directory of the image.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the OCI\n Image. Must be one of gcenode, gcpserviceaccount or none.\n The validation of this is case-sensitive.\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The OCI image repository URL for the package to\n sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds(int64 format) between consecutive\n syncs. Default: 15.'\n preventDrift:\n type: boolean\n x-dcl-go-name: PreventDrift\n description: Set to true to enable the Config Sync admission webhook\n to prevent drifts. If set to `false`, disables the Config Sync\n admission webhook and does not prevent drifts.\n x-dcl-server-default: true\n sourceFormat:\n type: string\n x-dcl-go-name: SourceFormat\n description: Specifies whether the Config Sync Repo is in \"hierarchical\"\n or \"unstructured\" mode.\n hierarchyController:\n type: object\n x-dcl-go-name: HierarchyController\n x-dcl-go-type: FeatureMembershipConfigmanagementHierarchyController\n description: Hierarchy Controller configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enableHierarchicalResourceQuota:\n type: boolean\n x-dcl-go-name: EnableHierarchicalResourceQuota\n description: Whether hierarchical resource quota is enabled in this\n cluster.\n x-dcl-send-empty: true\n enablePodTreeLabels:\n type: boolean\n x-dcl-go-name: EnablePodTreeLabels\n description: Whether pod tree labels are enabled in this cluster.\n x-dcl-send-empty: true\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether Hierarchy Controller is enabled in this cluster.\n x-dcl-send-empty: true\n policyController:\n type: object\n x-dcl-go-name: PolicyController\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyController\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: string\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of Policy Controller. If false,\n the rest of PolicyController fields take no effect.\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enable or disable mutation in policy controller. If\n true, mutation CRDs, webhook and controller deployment will be\n deployed to the cluster.\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n templateLibraryInstalled:\n type: boolean\n x-dcl-go-name: TemplateLibraryInstalled\n description: Installs the default template library along with Policy\n Controller.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of ACM to install. Defaults to the latest\n version.\n x-dcl-server-default: true\n feature:\n type: string\n x-dcl-go-name: Feature\n description: The name of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Feature\n field: name\n parent: true\n x-dcl-parameter: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location of the feature\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n membership:\n type: string\n x-dcl-go-name: Membership\n description: The name of the membership\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Membership\n field: name\n x-dcl-parameter: true\n membershipLocation:\n type: string\n x-dcl-go-name: MembershipLocation\n description: The location of the membership\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n mesh:\n type: object\n x-dcl-go-name: Mesh\n x-dcl-go-type: FeatureMembershipMesh\n description: Manage Mesh Features\n properties:\n controlPlane:\n type: string\n x-dcl-go-name: ControlPlane\n x-dcl-go-type: FeatureMembershipMeshControlPlaneEnum\n description: '**DEPRECATED** Whether to automatically manage Service\n Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED,\n AUTOMATIC, MANUAL'\n enum:\n - CONTROL_PLANE_MANAGEMENT_UNSPECIFIED\n - AUTOMATIC\n - MANUAL\n management:\n type: string\n x-dcl-go-name: Management\n x-dcl-go-type: FeatureMembershipMeshManagementEnum\n description: 'Whether to automatically manage Service Mesh. Possible\n values: MANAGEMENT_UNSPECIFIED, MANAGEMENT_AUTOMATIC, MANAGEMENT_MANUAL'\n enum:\n - MANAGEMENT_UNSPECIFIED\n - MANAGEMENT_AUTOMATIC\n - MANAGEMENT_MANUAL\n policycontroller:\n type: object\n x-dcl-go-name: Policycontroller\n x-dcl-go-type: FeatureMembershipPolicycontroller\n description: Policy Controller-specific spec.\n required:\n - policyControllerHubConfig\n properties:\n policyControllerHubConfig:\n type: object\n x-dcl-go-name: PolicyControllerHubConfig\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfig\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: integer\n format: int64\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n constraintViolationLimit:\n type: integer\n format: int64\n x-dcl-go-name: ConstraintViolationLimit\n description: The maximum number of audit violations to be stored\n in a constraint. If not set, the internal default of 20 will be\n used.\n deploymentConfigs:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigs\n properties:\n containerResources:\n type: object\n x-dcl-go-name: ContainerResources\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResources\n description: Container resource requirements.\n x-dcl-conflicts:\n - replicaCount\n - podAffinity\n - podTolerations\n properties:\n limits:\n type: object\n x-dcl-go-name: Limits\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesLimits\n description: Limits describes the maximum amount of compute\n resources allowed for use by the running container.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n requests:\n type: object\n x-dcl-go-name: Requests\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesRequests\n description: Requests describes the amount of compute\n resources reserved for the container by the kube-scheduler.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n podAffinity:\n type: string\n x-dcl-go-name: PodAffinity\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodAffinityEnum\n description: 'Pod affinity configuration. Possible values:\n AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY'\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podTolerations\n enum:\n - AFFINITY_UNSPECIFIED\n - NO_AFFINITY\n - ANTI_AFFINITY\n podTolerations:\n type: array\n x-dcl-go-name: PodTolerations\n description: Pod tolerations of node taints.\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podAffinity\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodTolerations\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n description: Matches a taint effect.\n key:\n type: string\n x-dcl-go-name: Key\n description: Matches a taint key (not necessarily unique).\n operator:\n type: string\n x-dcl-go-name: Operator\n description: Matches a taint operator.\n value:\n type: string\n x-dcl-go-name: Value\n description: Matches a taint value.\n replicaCount:\n type: integer\n format: int64\n x-dcl-go-name: ReplicaCount\n description: Pod replica count.\n x-dcl-conflicts:\n - containerResources\n - podAffinity\n - podTolerations\n x-dcl-go-name: DeploymentConfigs\n description: Map of deployment configs to deployments (\"admission\",\n \"audit\", \"mutation\").\n x-dcl-server-default: true\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n installSpec:\n type: string\n x-dcl-go-name: InstallSpec\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigInstallSpecEnum\n description: 'Configures the mode of the Policy Controller installation.\n Possible values: INSTALL_SPEC_UNSPECIFIED, INSTALL_SPEC_NOT_INSTALLED,\n INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED, INSTALL_SPEC_DETACHED'\n enum:\n - INSTALL_SPEC_UNSPECIFIED\n - INSTALL_SPEC_NOT_INSTALLED\n - INSTALL_SPEC_ENABLED\n - INSTALL_SPEC_SUSPENDED\n - INSTALL_SPEC_DETACHED\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enables the ability to mutate resources using Policy\n Controller.\n policyContent:\n type: object\n x-dcl-go-name: PolicyContent\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent\n description: Specifies the desired policy content on the cluster.\n x-dcl-server-default: true\n properties:\n bundles:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundles\n properties:\n exemptedNamespaces:\n type: array\n x-dcl-go-name: ExemptedNamespaces\n description: The set of namespaces to be exempted from\n the bundle.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n x-dcl-go-name: Bundles\n description: map of bundle name to BundleInstallSpec. The bundle\n name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData`\n annotation on a constraint.\n templateLibrary:\n type: object\n x-dcl-go-name: TemplateLibrary\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary\n description: Configures the installation of the Template Library.\n x-dcl-server-default: true\n properties:\n installation:\n type: string\n x-dcl-go-name: Installation\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryInstallationEnum\n description: 'Configures the manner in which the template\n library is installed on the cluster. Possible values:\n INSTALLATION_UNSPECIFIED, NOT_INSTALLED, ALL'\n enum:\n - INSTALLATION_UNSPECIFIED\n - NOT_INSTALLED\n - ALL\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of Policy Controller to install. Defaults\n to the latest version.\n x-dcl-server-default: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n") +var YAML_feature_membership = []byte("info:\n title: GkeHub/FeatureMembership\n description: The GkeHub FeatureMembership resource\n x-dcl-struct-name: FeatureMembership\n x-dcl-has-iam: false\n x-dcl-mutex: '{{project}}/{{location}}/{{feature}}'\npaths:\n get:\n description: The function used to get information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n apply:\n description: The function used to apply information about a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n delete:\n description: The function used to delete a FeatureMembership\n parameters:\n - name: featureMembership\n required: true\n description: A full instance of a FeatureMembership\n deleteAll:\n description: The function used to delete all FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\n list:\n description: The function used to list information about many FeatureMembership\n parameters:\n - name: project\n required: true\n schema:\n type: string\n - name: location\n required: true\n schema:\n type: string\n - name: feature\n required: true\n schema:\n type: string\ncomponents:\n schemas:\n FeatureMembership:\n title: FeatureMembership\n x-dcl-id: projects/{{project}}/locations/{{location}}/features/{{feature}}/memberships/{{membership}}\n x-dcl-parent-container: project\n x-dcl-has-create: true\n x-dcl-has-iam: false\n x-dcl-read-timeout: 0\n x-dcl-apply-timeout: 0\n x-dcl-delete-timeout: 0\n type: object\n required:\n - project\n - location\n - feature\n - membership\n properties:\n configmanagement:\n type: object\n x-dcl-go-name: Configmanagement\n x-dcl-go-type: FeatureMembershipConfigmanagement\n description: Config Management-specific spec.\n properties:\n binauthz:\n type: object\n x-dcl-go-name: Binauthz\n x-dcl-go-type: FeatureMembershipConfigmanagementBinauthz\n description: '**DEPRECATED** Binauthz configuration for the cluster.\n This field will be ignored and should not be set.'\n x-dcl-server-default: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether binauthz is enabled in this cluster.\n x-dcl-parameter: true\n configSync:\n type: object\n x-dcl-go-name: ConfigSync\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSync\n description: Config Sync configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of ConfigSync. If set to true,\n ConfigSync resources will be created and the other ConfigSync\n fields will be applied if exist. If set to false, all other ConfigSync\n fields will be ignored, ConfigSync resources will be deleted.\n If omitted, ConfigSync resources will be managed depends on the\n presence of the git or oci field.\n git:\n type: object\n x-dcl-go-name: Git\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncGit\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: The GCP Service Account Email used for auth when\n secretType is gcpServiceAccount.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n httpsProxy:\n type: string\n x-dcl-go-name: HttpsProxy\n description: URL for the HTTPS proxy to be used when communicating\n with the Git repo.\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The path within the Git repository that represents\n the top level of the repo to sync. Default: the root directory\n of the repository.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the Git\n repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount\n or none. The validation of this is case-sensitive.\n syncBranch:\n type: string\n x-dcl-go-name: SyncBranch\n description: 'The branch of the repository to sync from. Default:\n master.'\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The URL of the Git repository to use as the source\n of truth.\n syncRev:\n type: string\n x-dcl-go-name: SyncRev\n description: Git revision (tag or hash) to check out. Default\n HEAD.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds between consecutive syncs. Default:\n 15.'\n metricsGcpServiceAccountEmail:\n type: string\n x-dcl-go-name: MetricsGcpServiceAccountEmail\n description: The Email of the Google Cloud Service Account (GSA)\n used for exporting Config Sync metrics to Cloud Monitoring. The\n GSA should have the Monitoring Metric Writer(roles/monitoring.metricWriter)\n IAM role. The Kubernetes ServiceAccount `default` in the namespace\n `config-management-monitoring` should be bound to the GSA.\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n oci:\n type: object\n x-dcl-go-name: Oci\n x-dcl-go-type: FeatureMembershipConfigmanagementConfigSyncOci\n properties:\n gcpServiceAccountEmail:\n type: string\n x-dcl-go-name: GcpServiceAccountEmail\n description: 'The GCP Service Account Email used for auth when\n secret_type is gcpserviceaccount. '\n x-dcl-references:\n - resource: Iam/ServiceAccount\n field: email\n policyDir:\n type: string\n x-dcl-go-name: PolicyDir\n description: 'The absolute path of the directory that contains\n the local resources. Default: the root directory of the image.'\n secretType:\n type: string\n x-dcl-go-name: SecretType\n description: Type of secret configured for access to the OCI\n Image. Must be one of gcenode, gcpserviceaccount or none.\n The validation of this is case-sensitive.\n syncRepo:\n type: string\n x-dcl-go-name: SyncRepo\n description: The OCI image repository URL for the package to\n sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.\n syncWaitSecs:\n type: string\n x-dcl-go-name: SyncWaitSecs\n description: 'Period in seconds(int64 format) between consecutive\n syncs. Default: 15.'\n preventDrift:\n type: boolean\n x-dcl-go-name: PreventDrift\n description: Set to true to enable the Config Sync admission webhook\n to prevent drifts. If set to `false`, disables the Config Sync\n admission webhook and does not prevent drifts.\n x-dcl-server-default: true\n sourceFormat:\n type: string\n x-dcl-go-name: SourceFormat\n description: Specifies whether the Config Sync Repo is in \"hierarchical\"\n or \"unstructured\" mode.\n hierarchyController:\n type: object\n x-dcl-go-name: HierarchyController\n x-dcl-go-type: FeatureMembershipConfigmanagementHierarchyController\n description: Hierarchy Controller configuration for the cluster.\n x-dcl-send-empty: true\n properties:\n enableHierarchicalResourceQuota:\n type: boolean\n x-dcl-go-name: EnableHierarchicalResourceQuota\n description: Whether hierarchical resource quota is enabled in this\n cluster.\n x-dcl-send-empty: true\n enablePodTreeLabels:\n type: boolean\n x-dcl-go-name: EnablePodTreeLabels\n description: Whether pod tree labels are enabled in this cluster.\n x-dcl-send-empty: true\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Whether Hierarchy Controller is enabled in this cluster.\n x-dcl-send-empty: true\n policyController:\n type: object\n x-dcl-go-name: PolicyController\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyController\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: string\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n enabled:\n type: boolean\n x-dcl-go-name: Enabled\n description: Enables the installation of Policy Controller. If false,\n the rest of PolicyController fields take no effect.\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipConfigmanagementPolicyControllerMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enable or disable mutation in policy controller. If\n true, mutation CRDs, webhook and controller deployment will be\n deployed to the cluster.\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n templateLibraryInstalled:\n type: boolean\n x-dcl-go-name: TemplateLibraryInstalled\n description: Installs the default template library along with Policy\n Controller.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of ACM to install. Defaults to the latest\n version.\n x-dcl-server-default: true\n feature:\n type: string\n x-dcl-go-name: Feature\n description: The name of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Feature\n field: name\n parent: true\n x-dcl-parameter: true\n location:\n type: string\n x-dcl-go-name: Location\n description: The location of the feature\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n membership:\n type: string\n x-dcl-go-name: Membership\n description: The name of the membership\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Gkehub/Membership\n field: name\n x-dcl-parameter: true\n membershipLocation:\n type: string\n x-dcl-go-name: MembershipLocation\n description: The location of the membership\n x-kubernetes-immutable: true\n x-dcl-parameter: true\n mesh:\n type: object\n x-dcl-go-name: Mesh\n x-dcl-go-type: FeatureMembershipMesh\n description: Manage Mesh Features\n properties:\n controlPlane:\n type: string\n x-dcl-go-name: ControlPlane\n x-dcl-go-type: FeatureMembershipMeshControlPlaneEnum\n description: '**DEPRECATED** Whether to automatically manage Service\n Mesh control planes. Possible values: CONTROL_PLANE_MANAGEMENT_UNSPECIFIED,\n AUTOMATIC, MANUAL'\n enum:\n - CONTROL_PLANE_MANAGEMENT_UNSPECIFIED\n - AUTOMATIC\n - MANUAL\n management:\n type: string\n x-dcl-go-name: Management\n x-dcl-go-type: FeatureMembershipMeshManagementEnum\n description: 'Whether to automatically manage Service Mesh. Possible\n values: MANAGEMENT_UNSPECIFIED, MANAGEMENT_AUTOMATIC, MANAGEMENT_MANUAL'\n enum:\n - MANAGEMENT_UNSPECIFIED\n - MANAGEMENT_AUTOMATIC\n - MANAGEMENT_MANUAL\n policycontroller:\n type: object\n x-dcl-go-name: Policycontroller\n x-dcl-go-type: FeatureMembershipPolicycontroller\n description: Policy Controller-specific spec.\n required:\n - policyControllerHubConfig\n properties:\n policyControllerHubConfig:\n type: object\n x-dcl-go-name: PolicyControllerHubConfig\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfig\n description: Policy Controller configuration for the cluster.\n properties:\n auditIntervalSeconds:\n type: integer\n format: int64\n x-dcl-go-name: AuditIntervalSeconds\n description: Sets the interval for Policy Controller Audit Scans\n (in seconds). When set to 0, this disables audit functionality\n altogether.\n constraintViolationLimit:\n type: integer\n format: int64\n x-dcl-go-name: ConstraintViolationLimit\n description: The maximum number of audit violations to be stored\n in a constraint. If not set, the internal default of 20 will be\n used.\n deploymentConfigs:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigs\n properties:\n containerResources:\n type: object\n x-dcl-go-name: ContainerResources\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResources\n description: Container resource requirements.\n x-dcl-conflicts:\n - replicaCount\n - podAffinity\n - podTolerations\n properties:\n limits:\n type: object\n x-dcl-go-name: Limits\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesLimits\n description: Limits describes the maximum amount of compute\n resources allowed for use by the running container.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n requests:\n type: object\n x-dcl-go-name: Requests\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsContainerResourcesRequests\n description: Requests describes the amount of compute\n resources reserved for the container by the kube-scheduler.\n properties:\n cpu:\n type: string\n x-dcl-go-name: Cpu\n description: CPU requirement expressed in Kubernetes\n resource units.\n memory:\n type: string\n x-dcl-go-name: Memory\n description: Memory requirement expressed in Kubernetes\n resource units.\n podAffinity:\n type: string\n x-dcl-go-name: PodAffinity\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodAffinityEnum\n description: 'Pod affinity configuration. Possible values:\n AFFINITY_UNSPECIFIED, NO_AFFINITY, ANTI_AFFINITY'\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podTolerations\n enum:\n - AFFINITY_UNSPECIFIED\n - NO_AFFINITY\n - ANTI_AFFINITY\n podTolerations:\n type: array\n x-dcl-go-name: PodTolerations\n description: Pod tolerations of node taints.\n x-dcl-conflicts:\n - replicaCount\n - containerResources\n - podAffinity\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigDeploymentConfigsPodTolerations\n properties:\n effect:\n type: string\n x-dcl-go-name: Effect\n description: Matches a taint effect.\n key:\n type: string\n x-dcl-go-name: Key\n description: Matches a taint key (not necessarily unique).\n operator:\n type: string\n x-dcl-go-name: Operator\n description: Matches a taint operator.\n value:\n type: string\n x-dcl-go-name: Value\n description: Matches a taint value.\n replicaCount:\n type: integer\n format: int64\n x-dcl-go-name: ReplicaCount\n description: Pod replica count.\n x-dcl-conflicts:\n - containerResources\n - podAffinity\n - podTolerations\n x-dcl-go-name: DeploymentConfigs\n description: Map of deployment configs to deployments (\"admission\",\n \"audit\", \"mutation\").\n x-dcl-server-default: true\n exemptableNamespaces:\n type: array\n x-dcl-go-name: ExemptableNamespaces\n description: The set of namespaces that are excluded from Policy\n Controller checks. Namespaces do not need to currently exist on\n the cluster.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n installSpec:\n type: string\n x-dcl-go-name: InstallSpec\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigInstallSpecEnum\n description: 'Configures the mode of the Policy Controller installation.\n Possible values: INSTALL_SPEC_UNSPECIFIED, INSTALL_SPEC_NOT_INSTALLED,\n INSTALL_SPEC_ENABLED, INSTALL_SPEC_SUSPENDED, INSTALL_SPEC_DETACHED'\n enum:\n - INSTALL_SPEC_UNSPECIFIED\n - INSTALL_SPEC_NOT_INSTALLED\n - INSTALL_SPEC_ENABLED\n - INSTALL_SPEC_SUSPENDED\n - INSTALL_SPEC_DETACHED\n logDeniesEnabled:\n type: boolean\n x-dcl-go-name: LogDeniesEnabled\n description: Logs all denies and dry run failures.\n monitoring:\n type: object\n x-dcl-go-name: Monitoring\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoring\n description: 'Specifies the backends Policy Controller should export\n metrics to. For example, to specify metrics should be exported\n to Cloud Monitoring and Prometheus, specify backends: [\"cloudmonitoring\",\n \"prometheus\"]. Default: [\"cloudmonitoring\", \"prometheus\"]'\n x-dcl-server-default: true\n properties:\n backends:\n type: array\n x-dcl-go-name: Backends\n description: ' Specifies the list of backends Policy Controller\n will export to. Specifying an empty value `[]` disables metrics\n export.'\n x-dcl-server-default: true\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigMonitoringBackendsEnum\n enum:\n - MONITORING_BACKEND_UNSPECIFIED\n - PROMETHEUS\n - CLOUD_MONITORING\n mutationEnabled:\n type: boolean\n x-dcl-go-name: MutationEnabled\n description: Enables the ability to mutate resources using Policy\n Controller.\n policyContent:\n type: object\n x-dcl-go-name: PolicyContent\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContent\n description: Specifies the desired policy content on the cluster.\n x-dcl-server-default: true\n properties:\n bundles:\n type: object\n additionalProperties:\n type: object\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentBundles\n properties:\n exemptedNamespaces:\n type: array\n x-dcl-go-name: ExemptedNamespaces\n description: The set of namespaces to be exempted from\n the bundle.\n x-dcl-send-empty: true\n x-dcl-list-type: list\n items:\n type: string\n x-dcl-go-type: string\n x-dcl-go-name: Bundles\n description: map of bundle name to BundleInstallSpec. The bundle\n name maps to the `bundleName` key in the `policycontroller.gke.io/constraintData`\n annotation on a constraint.\n templateLibrary:\n type: object\n x-dcl-go-name: TemplateLibrary\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibrary\n description: Configures the installation of the Template Library.\n x-dcl-server-default: true\n properties:\n installation:\n type: string\n x-dcl-go-name: Installation\n x-dcl-go-type: FeatureMembershipPolicycontrollerPolicyControllerHubConfigPolicyContentTemplateLibraryInstallationEnum\n description: 'Configures the manner in which the template\n library is installed on the cluster. Possible values:\n INSTALLATION_UNSPECIFIED, NOT_INSTALLED, ALL'\n enum:\n - INSTALLATION_UNSPECIFIED\n - NOT_INSTALLED\n - ALL\n referentialRulesEnabled:\n type: boolean\n x-dcl-go-name: ReferentialRulesEnabled\n description: Enables the ability to use Constraint Templates that\n reference to objects other than the object currently being evaluated.\n version:\n type: string\n x-dcl-go-name: Version\n description: Optional. Version of Policy Controller to install. Defaults\n to the latest version.\n x-dcl-server-default: true\n project:\n type: string\n x-dcl-go-name: Project\n description: The project of the feature\n x-kubernetes-immutable: true\n x-dcl-references:\n - resource: Cloudresourcemanager/Project\n field: name\n parent: true\n x-dcl-parameter: true\n") -// 29568 bytes -// MD5: 6b8ad44a9f3a7ea167a5688797017807 +// 30146 bytes +// MD5: 83a10e0d3784ce78d058e07c927c7bd7 diff --git a/services/google/gkehub/samples/acm_config_sync.feature_membership.json b/services/google/gkehub/samples/acm_config_sync.feature_membership.json new file mode 100755 index 0000000000..d6519d4e79 --- /dev/null +++ b/services/google/gkehub/samples/acm_config_sync.feature_membership.json @@ -0,0 +1,12 @@ +{ + "project": "{{ref:gkehub.serviceusage.service.json:project}}", + "location": "global", + "feature": "projects/{{ref:acm.feature.json:project}}/locations/{{ref:acm.feature.json:location}}/features/{{ref:acm.feature.json:name}}", + "membership": "{{ref:first.membership.json:name}}", + "membershipLocation": "global", + "configmanagement": { + "configSync": { + "enabled": true + } + } +} \ No newline at end of file diff --git a/services/google/gkehub/samples/acm_config_sync_feature_membership.yaml b/services/google/gkehub/samples/acm_config_sync_feature_membership.yaml new file mode 100755 index 0000000000..4dab1a8b45 --- /dev/null +++ b/services/google/gkehub/samples/acm_config_sync_feature_membership.yaml @@ -0,0 +1,62 @@ +# Copyright 2024 Google LLC. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: acm_config_sync_feature_membership +description: A example for a GKEHub acm feature membership - Enable Config Sync only +type: feature_membership +versions: +- beta +resource: samples/acm_config_sync.feature_membership.json +dependencies: +- samples/acm.feature.json +- samples/first.membership.json +- samples/first.container.cluster.json +- samples/first.iam.service_account.json +- samples/second.iam.service_account.json +- samples/anthosconfigmanagement.serviceusage.service.json +- samples/gkehub.serviceusage.service.json +- samples/container.serviceusage.service.json +- samples/basic.cloudbilling.project_billing_info.json +- samples/basic.cloudresourcemanager.project.json +- samples/anthos.serviceusage.service.json +updates: +- resource: samples/update_1_acm_config_sync.feature_membership.json + dependencies: + - samples/acm.feature.json + - samples/first.membership.json + - samples/first.container.cluster.json + - samples/first.iam.service_account.json + - samples/second.iam.service_account.json + - samples/anthosconfigmanagement.serviceusage.service.json + - samples/gkehub.serviceusage.service.json + - samples/container.serviceusage.service.json + - samples/basic.cloudbilling.project_billing_info.json + - samples/basic.cloudresourcemanager.project.json + - samples/anthos.serviceusage.service.json +variables: +- name: billing_account + type: billing_account +- name: cluster1 + type: resource_name +- name: id + type: resource_name +- name: id1 + type: resource_name +- name: id2 + type: resource_name +- name: membership1 + type: resource_name +- name: org_id + type: org_id +- name: zone + type: zone diff --git a/services/google/gkehub/samples/acm_config_sync_feature_membership_ga.yaml b/services/google/gkehub/samples/acm_config_sync_feature_membership_ga.yaml new file mode 100755 index 0000000000..ff989569ac --- /dev/null +++ b/services/google/gkehub/samples/acm_config_sync_feature_membership_ga.yaml @@ -0,0 +1,62 @@ +# Copyright 2024 Google LLC. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +name: acm_config_sync_feature_membership_ga +description: A example for a GKEHub acm feature membership - Enable Config Sync only +type: feature_membership +versions: +- beta +resource: samples/acm_config_sync.feature_membership.json +dependencies: +- samples/acm.feature.json +- samples/first.membership.json +- samples/first.container.cluster.json +- samples/first.iam.service_account.json +- samples/second.iam.service_account.json +- samples/anthosconfigmanagement.serviceusage.service.json +- samples/gkehub.serviceusage.service.json +- samples/container.serviceusage.service.json +- samples/basic.cloudbilling.project_billing_info.json +- samples/basic.cloudresourcemanager.project.json +- samples/anthos.serviceusage.service.json +updates: +- resource: samples/update_1_acm_config_sync.feature_membership.json + dependencies: + - samples/acm.feature.json + - samples/first.membership.json + - samples/first.container.cluster.json + - samples/first.iam.service_account.json + - samples/second.iam.service_account.json + - samples/anthosconfigmanagement.serviceusage.service.json + - samples/gkehub.serviceusage.service.json + - samples/container.serviceusage.service.json + - samples/basic.cloudbilling.project_billing_info.json + - samples/basic.cloudresourcemanager.project.json + - samples/anthos.serviceusage.service.json +variables: +- name: billing_account + type: billing_account +- name: cluster1 + type: resource_name +- name: id + type: resource_name +- name: id1 + type: resource_name +- name: id2 + type: resource_name +- name: membership1 + type: resource_name +- name: org_id + type: org_id +- name: zone + type: zone diff --git a/services/google/gkehub/samples/update_1_acm_config_sync.feature_membership.json b/services/google/gkehub/samples/update_1_acm_config_sync.feature_membership.json new file mode 100755 index 0000000000..0a04072cd0 --- /dev/null +++ b/services/google/gkehub/samples/update_1_acm_config_sync.feature_membership.json @@ -0,0 +1,12 @@ +{ + "project": "{{ref:gkehub.serviceusage.service.json:project}}", + "location": "global", + "feature": "projects/{{ref:acm.feature.json:project}}/locations/{{ref:acm.feature.json:location}}/features/{{ref:acm.feature.json:name}}", + "membership": "{{ref:first.membership.json:name}}", + "membershipLocation": "global", + "configmanagement": { + "configSync": { + "enabled": false + } + } +} \ No newline at end of file diff --git a/unstructured/google/gkehub/alpha/feature_membership.go b/unstructured/google/gkehub/alpha/feature_membership.go index 4d8a118d21..8ee998216a 100755 --- a/unstructured/google/gkehub/alpha/feature_membership.go +++ b/unstructured/google/gkehub/alpha/feature_membership.go @@ -43,6 +43,9 @@ func FeatureMembershipToUnstructured(r *dclService.FeatureMembership) *unstructu } if r.Configmanagement.ConfigSync != nil && r.Configmanagement.ConfigSync != dclService.EmptyFeatureMembershipConfigmanagementConfigSync { rConfigmanagementConfigSync := make(map[string]interface{}) + if r.Configmanagement.ConfigSync.Enabled != nil { + rConfigmanagementConfigSync["enabled"] = *r.Configmanagement.ConfigSync.Enabled + } if r.Configmanagement.ConfigSync.Git != nil && r.Configmanagement.ConfigSync.Git != dclService.EmptyFeatureMembershipConfigmanagementConfigSyncGit { rConfigmanagementConfigSyncGit := make(map[string]interface{}) if r.Configmanagement.ConfigSync.Git.GcpServiceAccountEmail != nil { @@ -328,6 +331,13 @@ func UnstructuredToFeatureMembership(u *unstructured.Resource) (*dclService.Feat if _, ok := rConfigmanagement["configSync"]; ok { if rConfigmanagementConfigSync, ok := rConfigmanagement["configSync"].(map[string]interface{}); ok { r.Configmanagement.ConfigSync = &dclService.FeatureMembershipConfigmanagementConfigSync{} + if _, ok := rConfigmanagementConfigSync["enabled"]; ok { + if b, ok := rConfigmanagementConfigSync["enabled"].(bool); ok { + r.Configmanagement.ConfigSync.Enabled = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.Configmanagement.ConfigSync.Enabled: expected bool") + } + } if _, ok := rConfigmanagementConfigSync["git"]; ok { if rConfigmanagementConfigSyncGit, ok := rConfigmanagementConfigSync["git"].(map[string]interface{}); ok { r.Configmanagement.ConfigSync.Git = &dclService.FeatureMembershipConfigmanagementConfigSyncGit{} diff --git a/unstructured/google/gkehub/beta/feature_membership.go b/unstructured/google/gkehub/beta/feature_membership.go index ad0fdb0fa6..8696a5f8fb 100755 --- a/unstructured/google/gkehub/beta/feature_membership.go +++ b/unstructured/google/gkehub/beta/feature_membership.go @@ -43,6 +43,9 @@ func FeatureMembershipToUnstructured(r *dclService.FeatureMembership) *unstructu } if r.Configmanagement.ConfigSync != nil && r.Configmanagement.ConfigSync != dclService.EmptyFeatureMembershipConfigmanagementConfigSync { rConfigmanagementConfigSync := make(map[string]interface{}) + if r.Configmanagement.ConfigSync.Enabled != nil { + rConfigmanagementConfigSync["enabled"] = *r.Configmanagement.ConfigSync.Enabled + } if r.Configmanagement.ConfigSync.Git != nil && r.Configmanagement.ConfigSync.Git != dclService.EmptyFeatureMembershipConfigmanagementConfigSyncGit { rConfigmanagementConfigSyncGit := make(map[string]interface{}) if r.Configmanagement.ConfigSync.Git.GcpServiceAccountEmail != nil { @@ -328,6 +331,13 @@ func UnstructuredToFeatureMembership(u *unstructured.Resource) (*dclService.Feat if _, ok := rConfigmanagement["configSync"]; ok { if rConfigmanagementConfigSync, ok := rConfigmanagement["configSync"].(map[string]interface{}); ok { r.Configmanagement.ConfigSync = &dclService.FeatureMembershipConfigmanagementConfigSync{} + if _, ok := rConfigmanagementConfigSync["enabled"]; ok { + if b, ok := rConfigmanagementConfigSync["enabled"].(bool); ok { + r.Configmanagement.ConfigSync.Enabled = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.Configmanagement.ConfigSync.Enabled: expected bool") + } + } if _, ok := rConfigmanagementConfigSync["git"]; ok { if rConfigmanagementConfigSyncGit, ok := rConfigmanagementConfigSync["git"].(map[string]interface{}); ok { r.Configmanagement.ConfigSync.Git = &dclService.FeatureMembershipConfigmanagementConfigSyncGit{} diff --git a/unstructured/google/gkehub/feature_membership.go b/unstructured/google/gkehub/feature_membership.go index e34a6b4afc..69d913c0b6 100755 --- a/unstructured/google/gkehub/feature_membership.go +++ b/unstructured/google/gkehub/feature_membership.go @@ -43,6 +43,9 @@ func FeatureMembershipToUnstructured(r *dclService.FeatureMembership) *unstructu } if r.Configmanagement.ConfigSync != nil && r.Configmanagement.ConfigSync != dclService.EmptyFeatureMembershipConfigmanagementConfigSync { rConfigmanagementConfigSync := make(map[string]interface{}) + if r.Configmanagement.ConfigSync.Enabled != nil { + rConfigmanagementConfigSync["enabled"] = *r.Configmanagement.ConfigSync.Enabled + } if r.Configmanagement.ConfigSync.Git != nil && r.Configmanagement.ConfigSync.Git != dclService.EmptyFeatureMembershipConfigmanagementConfigSyncGit { rConfigmanagementConfigSyncGit := make(map[string]interface{}) if r.Configmanagement.ConfigSync.Git.GcpServiceAccountEmail != nil { @@ -328,6 +331,13 @@ func UnstructuredToFeatureMembership(u *unstructured.Resource) (*dclService.Feat if _, ok := rConfigmanagement["configSync"]; ok { if rConfigmanagementConfigSync, ok := rConfigmanagement["configSync"].(map[string]interface{}); ok { r.Configmanagement.ConfigSync = &dclService.FeatureMembershipConfigmanagementConfigSync{} + if _, ok := rConfigmanagementConfigSync["enabled"]; ok { + if b, ok := rConfigmanagementConfigSync["enabled"].(bool); ok { + r.Configmanagement.ConfigSync.Enabled = dcl.Bool(b) + } else { + return nil, fmt.Errorf("r.Configmanagement.ConfigSync.Enabled: expected bool") + } + } if _, ok := rConfigmanagementConfigSync["git"]; ok { if rConfigmanagementConfigSyncGit, ok := rConfigmanagementConfigSync["git"].(map[string]interface{}); ok { r.Configmanagement.ConfigSync.Git = &dclService.FeatureMembershipConfigmanagementConfigSyncGit{}